Menu
How secure is Hyper-V, really?

How secure is Hyper-V, really?

Hyper-V's current security is dependent upon the security of Windows 2008 Server. Sounds like a hosted solution to me, even though Hyper-V is a type 1 hypervisor-which is designed to run on bare metal and therefore be completely independent of the operating system itself.

So why does Hyper-V depend on Windows 2008 Server security? What zero-day attacks will cause heart-ache for all adopters? Can they be prevented?

And which boots first? If it is Hyper-V, then 2008 should run within a VM, but does it? If Windows 2008 Server crashes or is forced to crash by something malicious, will all the VMs running upon it also come tumbling down?

Does 2008 act as a management appliance, or is it something more that is essential to the running of Hyper-V? Can it run without it?

The Hyper-V virtual switch is actually a bridge, not a Layer-2 Switch, so any VM on the bridge can be seen by any other VM. How many bridges is it possible to create?

Since it is a bridge, and Windows 2008 Server plays a role in bridging, can Windows Server 2008 see every packet as it goes across the bridge?

You should definitely put one before your Server 2008 instance to protect it from attack. But if Server 2008 participates in all the bridging, how can you protect it from the VMs?

From a storage perspective, can disks that store VMs be encrypted, and can Hyper-V work with these?

Can VMs be placed on USB storage? What happens when the storage is taken away when a VM is running?

How do you handle forensics of a Hyper-V VM? Can they be killed as if you were pulling the plug? Is this hampered by the lack of any ability to migrate live VMs?

These questions aren't limited to Hyper-V. Most of Microsoft's virtualization competitors have already faced these questions, and answered most of them.

It does show how long a list of questions are still unanswered about Hyper-V security, though, and that it's Microsoft's turn to be behind the virtual security eight-ball.

Virtualization expert Edward L. Haletky is the author of "VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers," Pearson Education (2008.) He recently left Hewlett-Packard, where he worked in the Virtualization, Linux, and High-Performance Technical Computing teams. Haletky owns AstroArch Consulting, providing virtualization, security, and network consulting and development. Haletky is also a champion and moderator for the VMware discussion forums, providing answers to security and configuration questions.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
Show Comments