Today, I'm happy to announce that the Solution Accelerators Team has just released the new Hyper-V Security Guide. This is a new member of a family of Virtualization Solution Accelerators - free tools and guidance from Microsoft to help you accelerate the planning and deployment of your virtualized infrastructure.
This guide provides methods and best practices to strengthen the security of computers running the Hyper-V role on Windows Server 2008. The guide covers the following three topics:
This guide provides you with prescriptive guidance for hardening the Hyper-V role and discuss several best practices for installing and configuring Hyper-V on a Windows Server 2008 server with a focus on security. Best practices include measures for reducing the attack surface of a server running Hyper-V and recommendations for properly configuring secure network and storage devices.
Delegating Virtual Machine Management
For this topic we discuss several available methods for delegating virtual machine management so that virtual machine administrators only have the minimum permissions they require. This guide includes common delegation scenarios and detailed steps to guide you through using Authorization Manager (AzMan) and System Center Virtual Machine Manager 2008 (VMM 2008) to separate virtual machine administrators from virtualization host administrators.
Protecting Virtual Machines
Prescriptive guidance for securing virtual machine resources is also included where we discuss best practices and include detailed steps for protecting virtual machines by using a combination of file system permissions, encryption, and auditing. We also include resources for hardening and updating the operating system instances running within your virtual machines.
Read about our other security Solution Accelerators or Virtualization Solution Accelerators including Microsoft Assessment and Planning Toolkit for Hyper-V and Infrastructure Planning and Design Guide for Hyper-V.
Listen to a Podcast on virtualization security best practices.
Baldwin Ng (Microsoft Solution Accelerators for Virtualization www.microsoft.com/VSA)