« Previous 1 2 3 4
Protect Hyper-V with on-board resources
Counterintelligence
High Availability with Windows Server 2019
Last but not least, service availability is also a security consideration. With Hyper-V Replica, virtual hard disks and entire servers can be replicated and synchronized asynchronously between different Hyper-V hosts on a network with Windows Server 2019. Replication is by way of the filesystem; a cluster is not necessary.
Replication can be performed manually, automatically, or on a schedule, and you can set it up in a Hyper-V Manager wizard. Live migration of virtual servers without clusters is also possible. For Hyper-V hosts to support replication, you first need to enable it. Replication to the free Hyper-V Server 2019 is also possible and can be managed in a wizard, which you start from the context menu of virtual servers in Hyper-V Manager.
Conclusions
Improving the security of Hyper-V hosts and VMs can be accomplished in a number of ways. Before you rely on commercial add-on tools and advanced security measures, why not first leverage the benefits of Windows Server's internal capabilities? Microsoft provides guidance to help you operate Hyper-V hosts in a fundamentally more secure manner. You can also use the Best Practices Analyzer to check whether Hyper-V has problems that can be fixed in just a few steps.
Infos
- Closing the CVE-2020-16891 vulnerability: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16891
- Microsoft Security Compliance Toolkit: https://www.microsoft.com/en-us/download/details.aspx?id=55319
- Defense Information Systems Agency: https://disa.mil
- Windows security by CIS: https://www.cisecurity.org/benchmark/microsoft_windows_server/
- Windows Defender Credential Guard: https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard
- Recommended antivirus exclusions for Hyper-V hosts: https://docs.microsoft.com/en-us/troubleshoot/windows-server/virtualization/antivirus-exclusions-for-hyper-v-hosts
- Generation 2 security settings for VMs: https://github.com/MicrosoftDocs/windowsserverdocs/blob/master/WindowsServerDocs/virtualization/hyper-v/learn-more/Generation-2-virtual-machine-security-settings-for-Hyper-V.md
« Previous 1 2 3 4
Buy this article as PDF
(incl. VAT)