We’ve seen in a previous post what are the new features of Hyper-V R2. Following Jeff Woolsey, Hyper-V R2 is superb and responds to customers needs even beyond…
Now let’s have a look at the dark side of the product for a moment, what is lacking fundamentally from this new Hyper-V iteration is security:
“The biggest issue with Hyper-V is it’s still built on Windows,” said Rick Scherer, a VMware evangelist who writes at VMwareTips.com.
“With Hyper-V, there’s one security issue important to large enterprises: the ability to monitor virtual network traffic,” Wolf said. That isn’t addressed by Microsoft, he noted.
“Right now, Hyper-V does not have the capabilities to allow a third-party security application to do traffic monitoring and enforcement within the virtual network,” he added. “It’s still not changed in [Windows Server 2008] R2.”
“The problem is, with virtualization, you can’t rely solely on physical security measures, so you have to “monitor and protect your systems from virtual machines attacking other virtual machines,” Wolf said. “If you are not monitoring virtual traffic, there’s no way you can detect those types of attacks.”
According to a February report by Burton Group, Hyper-V’s shortcomings include a lack of priority restart capabilities for a virtual machine following a failover, a lack of live migration capabilities (which Microsoft will add in R2) and a lack of support for at least two virtual CPUs per guest operating system.
“Our approach to virtual security is that certainly you have to start with a secure platform,” Schutz said.
Burton Group has named only two hypervisors as being enterprise-ready so far: VMware Infrastructure 3 and higher, and Citrix XenServer 5.5 Enterprise with Essentials 5.5 Platinum Edition.