Forum Discussion
Best Practice for secure HyperV configuration
Our design and deployment teams were having a debate on the most secure way to deploy HyperV, particularly with respect to Ransomware attacks and protecting from encryption. There seems to be two...
Is this for protecting the host itself against ransomware or the VMs running on the hosts? We've seen instances of users who have access to SMB file shares manage to get the file shares encrypted even though they dont have admin access to the VM. Active Directory joined servers + proper group policy management would be the best approach (Policies to disable autorun, script execution....). Also, if you're talking about protecting the hosts themselves, there should be network policies in place to prevent users from accessing the hosts themselves. I can't think of a situation where an end user would need to be able to get to anything on a Hyper-V host.