Hyper-V Security Guide – Now Available
The Hyper-V Security Guide is available by visiting the Hyper-V Security Guide page on TechNet. If you want to keep up to date with what the Solution Accelerator Security Team is doing, then check out their blog at http://blogs.technet.com/secguide/default.aspx.
Patrick Lownds
This release of the Hyper-V Security Guide consists of this Overview and three chapters that discuss methods and best practices that will help you secure your Hyper-V environment. Brief descriptions follow for each chapter.
Overview
The overview states the purpose and scope of the guide, defines the guide audience, and describes the guide's structure to help you locate the information that is relevant to you. It also describes the user prerequisites for the guidance.
Chapter 1: Hardening Hyper-V
This chapter provides prescriptive guidance for hardening the Hyper-V role. It discusses several best practices for installing and configuring Hyper-V on a Windows Server 2008 server with a focus on security. These best practices include measures for reducing the attack surface of a server running Hyper-V and recommendations for properly configuring secure network and storage devices on a server running Hyper-V.
Chapter 2: Delegating Virtual Machine Management
This chapter discusses several available methods for delegating virtual machine management so that virtual machine administrators only have the minimum permissions they require. It describes common delegation scenarios, and includes detailed steps to guide you through using Authorization Manager (AzMan) and System Center VMM 2008 to separate virtual machine administrators from virtualization host administrators.
Chapter 3: Protecting Virtual Machines
This chapter provides prescriptive guidance for securing virtual machine resources. It discusses best practices and includes detailed steps for protecting virtual machines by using a combination of file system permissions, encryption, and auditing. Also included are resources for hardening and updating the operating system instances running within your virtual machines.