Podcast: Essential Steps For Securing Hyper-V

Addressing the security challenges of virtualized environements with Hyper-V

During this week's Converging on Microsoft podcast interview with Mike Schutz, Director of Product Management for the Microsoft Windows Server Division, we discuss the relevant steps necessary to secure servers running Hyper-V. Microsoft has a number of resources you will find helpful (links at the end of this article) and Mike's interview is also a great place to learn what's happening with Hyper-V security.

One of the most valuable tools Microsoft has for securing Hyper-V is their Hyper-V Security Guide. The Hyper-V SG layouts it out in three steps: Hardening Hyper-V, Delegating Virtual Machine Management, and Protecting Virtual Machines. Here are some added thoughts and commentary beyond what the document offers. Check out the document to get the full details.

Hardening Hyper-V. As any good hypervisor must do, Hyper-V has to be as thin a layer of software as possible, thus reducing the attack surface which someone or something could exploit. Matter of fact, there's a interesting debate happening between VMware and the Microsoft Virtualization Team about claims of who's hypervisor isn't thin enough and how VMware ESX had more security patches than Windows Server 2008. (Isn't it fun when titans tussle?)

Probably more relevant to what we can individual do is the attach surface of the host virtualization operating system. Hyper-V will run under a full Windows Server 2008 installation, but that means there are many more components that must be hardened and which could be exploited. Frankly, you're better off installing the Hyper-V server role on a Windows Server 2008 Core Server, or on a Hyper-V Server (essentially the same thing.) The server will require remote administration but you won't have any other unnecessary software hanging around.

You'll also want to separte your management network traffic from network traffic accessing the running virtual instances by install at least two network interfaces on the server, with one dedicated to management access. And of course set up virtual networks that will keep traffic segregated between virtual instances.

The Hyper-V Security Guide has several other configuration recommendations:

  • Determine where to store the virtual machine files and the VHDs.
  • Decide how much memory to assign to a virtual machine.
  • Impose limits on processor usage.
  • Configure only required storage devices for a virtual machine.
  • Enable support for time synchronization.
  • Place virtual machines of a similar trust level on the same physical computer.
  • Delete decommissioned high-security VHDs.
  • Store snapshot files securely.

Delegating Virtual Machine Management. Basically there are two options here; Hyper-V Manager which is part of the Windows Server 2008 Manager or System Center Virtual Machine Manager. Hyper-V Manager is great because it's all ready to go right there on your Windows Server 2008 box (assuming it's not a Core Server) and Hyper-V Manager can be used to manage Hyper-V on boxes that are part of your domain. You can also use Authorization Manager to grant other administrative users some of the rights for managing Hyper-V without giving them full admin rights on the box. While a very convenient option, and one that works very well for small installations, Virtual Machine Manager is much better for larger setups and organizations.

Along with everything Hyper-V Manager does, Virtual Machine Manager brings many more capabilities. One that I particularly like is the web interface that allows individuals' self service administration of just their virtual machines. VMM has many other capabilities relevant to larger installations, including managing third party VM products (VMware, Xen) but I've not had an opportunity to exercise those parts of the product.

Protecting Virtual Machines. Now we're getting down to the security bits and bytes, like properly firewalling your virtual machine operating system and virtual instances, applying access control, group policies and encryption to virtual machine resources, necessary audit trails and patching your virtual machines. Not much to add here other than the thought of using BitLocker to encrypt the virtual machine operating system sounds like one I'd want a lot more experience with BitLocker before encrypting the OS that's managing the server running my virtualized environment. TMP is required to use BitLocker and keep in mind, it's only encrypting the virtual machine OS, not the virtual images that run on the virtual machine.

Resources:Hyper-V Security GuideSecurity In A Virtual WorldWindows Virtualization Team Blog

Like this? Here are some of Mitchell's recent posts.

Recent Podcasts:

Mitchell's book recommendations: Also visit Mitchell's other blogs and podcasts:

Visit Microsoft Subnet for more news, blogs, opinion from around the Web. Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

IT Salary Survey: The results are in