Download presentation
Presentation is loading. Please wait.
1
http://aka.ms/FEEAB http://blogs.technet.com/security_talk
8
Current boot process New boot process Any OS could hook in load code here, including a piece of malware If it is not valid the boot will be interrupted UEFI Secure Boot Activation UEFI will only load a verified (via certificate) OS
26
Add-VMNetworkAdapterAcl -VMName MyVM – LocalMacAddress 12-34-56-78-9A-–Direction Both –Action Allow Add-VMNetworkAdapterAcl -VMName MyVM – LocalMacAddress FF-FF-FF-FF-FF-FF –Direction InBound – Action Allow Add-VMNetworkAdapterAcl -VMName MyVM – LocalMacAddress Any –Direction Both –Action Deny
30
Set-VMNetworkAdapter –VMName MyVM – MacAddressSpoofing On
38
VMs designed to handle failures (e.g. Guest Clustering) or downtime acceptable. Lower End Industry Standard Server, single infrastructure App-Level Resiliency Application-controlled failover / Guest clustering Switch Parent VM s Parent Cluster VMs not designed to handle failures, H/A at server level, Failover clustering as another layer of protection, high-end servers, redundant power and network gear Hyper-V Failover Clustering Infrastructure Resiliency Parent VM s Parent Switch
41
File Server Cluster Storage Manage SAS Hyper-V Extensible Switch VM 1 Live Migration Cluster / Storage Manage Hyper-V Server VM n Datacenter Network Tenants Network “Green Field” 10GbE Network(s) File Server for VM storage Actual storage may be an existing FC/iSCSI SANs or JBODs+Spaces Highlighted features: 10GbE w/DCB, QoS, LBFO, Hyper-V over SMB, Spaces Note: LBFO & RDMA can’t coexist on same NICs. 10GbE 1/10GbE NIC Teaming OS QoS DCB NIC Teaming OS QoS DCB Use of NIC Teaming & Qos/DCB 10GbE SAN / JBODs SAS 1/10GbE
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.