Security Enhancements in Windows Server 2012
Securing the Private Cloud Infrastructure
Yuri Diogenes, Senior Technical Writer, Server and Cloud Division Information Experience – Solutions Group
Tom Shinder, Senior Knowledge Engineer, Server and Cloud Division Information Experience – Solutions Group
tp://aka.ms/FEEAB tp://blogs.technet.com/security_talk
Why is Private Cloud Security Important? Customers want to know
What will we cover in this presentation?
Private Cloud Infrastructure Security
Ultimate Goal
Align Windows Server 2012 security features to address core Private Cloud Security concerns by providing a secure foundation for the cloud infrastructure based on the Microsoft PCRM (Private Cloud Reference Model).
Primary Considerations
Compute
Networking
Storage
Resiliency
Compute
• What if…
  • The Cloud Operator restarts the compute resource that I’m using and loads malware during the boot process?
  • A failure in provisioning causes another operating system to load, leading to downtime for my workload?
  • There is a breach of physical security and someone steals the server?
• Protecting Compute Resource
  • Policies in place to avoid errors in security provisioning
  • Clean up process
  • SLA
Private Cloud Security Concern
Physical Security to Compute Resources
Secure Boot
Server Protection
Current boot process
• Any OS loader code can be hooked in here, including a piece of malware
New boot process
• UEFI Secure Boot activation
• UEFI will only load a verified (via certificate) OS
• If it is not valid, the boot will be interrupted
Network Unlock for BitLocker
Server Protection
• Requires Windows 8, TPM, DHCP and UEFI
• Allows admins to boot remote systems without user interaction
• If taken outside the trusted location (off premises), the machine will require a PIN in order to boot
• No more trade-offs between security and power management or servicing
Storage
• What if…
  • Other tenants can access my data?
  • Data leakage occurs while at rest?
• Secure data within deployments inside and outside of the datacenter.
• Enables IT administrator to:
  • Encrypt local disk storage (DAS)
  • Encrypt traditional failover cluster disks
  • Encrypt Cluster Shared Volumes 2.0
• Meets compliance demands.
BitLocker Drive Encryption
Data Protection
Demo: Encrypting a Cluster Shared Volume
Tom Shinder
Scenario
• Bob wants to ensure that the tenants' data is protected while at rest
• Bob wants to make sure that even if an intruder breaches the data center and pulls a drive, the data will be inaccessible
• Bob is using Windows Server 2012 iSCSI target for failover cluster storage and CSVs
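One way to carry out Bob's scenario from PowerShell, as an added example that is not taken from the original demo. The CSV resource name and the cluster name object (CNO) account are hypothetical; run it on a cluster node with the BitLocker feature installed.

```powershell
# Added example: encrypt an existing Cluster Shared Volume with BitLocker.
# Assumed (hypothetical) names: CSV resource 'Cluster Disk 1' and the
# cluster name object CONTOSO\HVCLUSTER$.
Import-Module FailoverClusters

$csvName    = 'Cluster Disk 1'
$clusterCno = 'CONTOSO\HVCLUSTER$'

$csv        = Get-ClusterSharedVolume -Name $csvName
# Path under C:\ClusterStorage where the CSV is mounted on every node.
$mountPoint = @($csv.SharedVolumeInfo)[0].FriendlyVolumeName

# 1. Put the CSV into maintenance mode so the volume can be modified.
$csv | Suspend-ClusterResource

try {
    # 2. Start encryption; the recovery password is the break-glass protector
    #    and must be stored somewhere other than the cluster itself.
    Enable-BitLocker -MountPoint $mountPoint -RecoveryPasswordProtector |
        Out-Null

    # 3. Add the cluster identity as a protector. Without it the nodes
    #    cannot unlock the volume when the disk fails over or comes online.
    Add-BitLockerKeyProtector -MountPoint $mountPoint `
        -ADAccountOrGroupProtector -ADAccountOrGroup $clusterCno |
        Out-Null
}
finally {
    # 4. Always leave maintenance mode, even if a step above failed.
    $csv | Resume-ClusterResource
}

# 5. Verify: both protectors present and encryption progressing.
Get-BitLockerVolume -MountPoint $mountPoint |
    Select-Object MountPoint, VolumeStatus, EncryptionPercentage,
        ProtectionStatus,
        @{ n = 'Protectors'; e = { $_.KeyProtector.KeyProtectorType -join ', ' } }
```

A pulled drive is only unreadable once EncryptionPercentage reaches 100 and ProtectionStatus is On, so check both before treating the scenario as covered.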
Networking
• What if…
  • Other tenants can access my data?
  • Data leakage occurs while data is in transit?
  • Rogue servers/traffic can disrupt my workload?
• Protecting Network Resource
  • Isolation
  • Encryption
  • Protection against rogue services
Private Cloud Security Concern
Network Security
• End-to-end encryption of SMB data in flight
• Protects data from eavesdropping attacks
• No need for IPSec or specialized hardware
• Configured per share or for the entire server
• Can be turned on for a variety of scenarios where data traverses trusted and untrusted networks
  • Branch Offices over WAN networks
  • Application workload over unsecured networks
SMB Encryption
Network Protection
Demo: Enabling and verifying SMB Encryption
Yuri Diogenes
Scenario
• The Private Cloud tenant read a report saying that internal threats are still the biggest concern in network security
• The tenant has a file server on his segment that contains financial records and must be protected against eavesdropping attacks launched by internal clients
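Enabling and verifying SMB Encryption for the scenario above, as an added example that is not part of the original demo. The share name `Finance` and the function names are hypothetical; the cmdlets are the SmbShare module cmdlets that ship with Windows Server 2012.

```powershell
# Added example: turn on SMB Encryption per share and report what is
# still exposed. Function names and the 'Finance' share are hypothetical.

function Enable-ShareEncryption {
    param([Parameter(Mandatory)][string]$ShareName)
    # Per-share setting: only traffic to this share is encrypted.
    Set-SmbShare -Name $ShareName -EncryptData $true -Force
}

function Get-SmbEncryptionReport {
    $server = Get-SmbServerConfiguration

    # Data shares (not C$, IPC$, ...) and whether each demands encryption.
    $shares = Get-SmbShare |
        Where-Object { -not $_.Special } |
        Select-Object Name, Path, EncryptData

    # SMB Encryption needs SMB 3.x. Sessions negotiated with an older
    # dialect cannot be encrypted, so list them for follow-up.
    $legacy = Get-SmbSession |
        Where-Object { $_.Dialect -notlike '3*' } |
        Select-Object ClientComputerName, ClientUserName, Dialect

    [pscustomobject]@{
        ServerWideEncryption    = $server.EncryptData
        # $true means clients that cannot encrypt are refused rather than
        # silently served in clear text.
        RejectUnencryptedAccess = $server.RejectUnencryptedAccess
        Shares                  = $shares
        PreSmb3Sessions         = $legacy
    }
}

# Usage on the tenant's file server:
#   Enable-ShareEncryption -ShareName 'Finance'
#   $report = Get-SmbEncryptionReport
#   $report.Shares | Where-Object { -not $_.EncryptData }   # still clear text
#   $report.PreSmb3Sessions                                 # clients to upgrade
# To encrypt every share instead of one:
#   Set-SmbServerConfiguration -EncryptData $true -Force
```

Leave RejectUnencryptedAccess at `$true` for the financial-records share; setting it to `$false` lets pre-SMB 3.0 clients connect without encryption, which reopens the eavesdropping exposure the scenario is meant to close.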
Lab Environment
• Protects against a malicious VM representing itself as a Dynamic Host Configuration Protocol (DHCP) server for man-in-the-middle attacks
DHCP Guard
Network Protection
Demo: Protecting Tenants against rogue DHCP
Yuri Diogenes
Scenario
• The Private Cloud tenant read the paper “A Solution for Private Cloud Security” from Microsoft and wants to ensure that his network segment is protected against rogue servers, clients and applications
Add-VMNetworkAdapterAcl -VMName MyVM -LocalMacAddress Any -Direction Both -Action Deny
Demo: Traffic isolation with Port ACLs
Yuri Diogenes
Scenario
• The Private Cloud tenant read the paper “A Solution for Private Cloud Security” from Microsoft and wants to ensure that traffic isolation happens not only between tenants on his Private Cloud but also within the same tenant network
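Isolation inside a single tenant network with port ACLs, as an added example that is not from the original demo. It goes beyond the single deny-all command on the slide: a subnet-wide Deny plus host-specific Allow entries. The function name, subnet and peer addresses are hypothetical.

```powershell
# Added example: keep one VM from talking to the rest of its own tenant
# subnet except for an explicit list of peers. Names and addresses are
# hypothetical sample values.

function Set-VMPeerIsolation {
    param(
        [Parameter(Mandatory)][string]$VMName,
        [Parameter(Mandatory)][string]$TenantSubnet,   # e.g. 10.0.0.0/24
        [string[]]$AllowedPeers = @()                  # e.g. gateway, DC
    )

    # Fail early if the VM name is wrong instead of adding nothing.
    Get-VM -Name $VMName -ErrorAction Stop | Out-Null

    # Broad rule: drop traffic to and from every address in the subnet.
    Add-VMNetworkAdapterAcl -VMName $VMName -RemoteIPAddress $TenantSubnet `
        -Direction Both -Action Deny

    # Narrow rules: a single-address entry is a longer match than the
    # subnet entry, so these Allow rules win for the listed peers.
    foreach ($peer in $AllowedPeers) {
        Add-VMNetworkAdapterAcl -VMName $VMName -RemoteIPAddress $peer `
            -Direction Both -Action Allow
    }

    # Return the resulting ACL set so it can be reviewed or logged.
    Get-VMNetworkAdapterAcl -VMName $VMName
}

# Usage on the Hyper-V host:
#   Set-VMPeerIsolation -VMName 'MyVM' -TenantSubnet '10.0.0.0/24' `
#       -AllowedPeers '10.0.0.1', '10.0.0.10'
# Roll back a rule with the matching Remove-VMNetworkAdapterAcl call:
#   Remove-VMNetworkAdapterAcl -VMName 'MyVM' -RemoteIPAddress '10.0.0.0/24' `
#       -Direction Both -Action Deny
```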
• Allows you to specify whether a VM is allowed to change its source MAC address for outgoing packets.
MacAddressSpoofing
Network Protection
How to implement this configuration
Set-VMNetworkAdapter -VMName MyVM -MacAddressSpoofing On
Demo: Protecting against MacSpoofing attack
Yuri Diogenes
Scenario
• The Private Cloud tenant read the paper “A Solution for Private Cloud Security” from Microsoft and wants to ensure that his company reduces the likelihood that a man-in-the-middle attack can occur inside of a tenant’s network
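An audit of the two per-port settings covered in the DHCP Guard and MacAddressSpoofing slides, as an added example that is not part of the original deck. Note that `-MacAddressSpoofing Off` is the value that stops a VM from changing its source MAC address, and `-DhcpGuard On` is the value that drops DHCP server replies from a VM. The function name and the exception lists are hypothetical.

```powershell
# Added example: find (and optionally fix) VM network adapters that can
# act as a rogue DHCP server or send frames with a changed source MAC.
# Function name and parameters are hypothetical.

function Test-VMPortGuard {
    param(
        [string[]]$DhcpServerVMs      = @(),  # VMs that are real DHCP servers
        [string[]]$SpoofingAllowedVMs = @(),  # VMs with a documented need
        [switch]$Enforce                      # apply the fix, not just report
    )

    foreach ($nic in (Get-VM | Get-VMNetworkAdapter)) {
        $needDhcpGuard = ($DhcpServerVMs -notcontains $nic.VMName) -and
                         ($nic.DhcpGuard -ne 'On')
        $needSpoofOff  = ($SpoofingAllowedVMs -notcontains $nic.VMName) -and
                         ($nic.MacAddressSpoofing -ne 'Off')

        if (-not ($needDhcpGuard -or $needSpoofOff)) { continue }

        if ($Enforce) {
            if ($needDhcpGuard) { $nic | Set-VMNetworkAdapter -DhcpGuard On }
            if ($needSpoofOff)  { $nic | Set-VMNetworkAdapter -MacAddressSpoofing Off }
        }

        # One finding per adapter, showing the state that was found.
        [pscustomobject]@{
            VMName             = $nic.VMName
            Adapter            = $nic.Name
            DhcpGuard          = $nic.DhcpGuard
            MacAddressSpoofing = $nic.MacAddressSpoofing
            Remediated         = [bool]$Enforce
        }
    }
}

# Usage on the Hyper-V host:
#   Test-VMPortGuard -DhcpServerVMs 'DHCP01'            # report only
#   Test-VMPortGuard -DhcpServerVMs 'DHCP01' -Enforce   # report and fix
```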
Demo: Enabling Security Settings in the Hyper-V Extensible Switch
Yuri Diogenes
Scenario
• Contoso has plans to extend their Private Cloud infrastructure by enabling intrusion detection at the hypervisor level.
• Cloud architect wants to understand if his current deployment has any built-in capability to implement that and, if not, how this can be done without changing the hypervisor.
Resiliency
What happens when hardware fails?
VMs designed to handle failures (e.g. Guest Clustering) or downtime acceptable.
Lower End Industry Standard Server, single infrastructure
VMs not designed to handle failures, H/A at server level, Failover clustering as another layer of protection, high-end servers, redundant power and network gear
Hyper-V Failover Clustering
Infrastructure Resiliency
[Diagram labels: Parent, VMs, Switch]
Hyper-V | Resiliency
Inbox Replication
Hyper-V Replica enables the replication of VMs from Primary to Secondary site for inbuilt Disaster Recovery
Incremental Backups
Perform agentless backup operations more quickly & easily while saving network bandwidth & disk space
Integrated NIC Teaming
Aggregate network adaptors to increase throughput & provide redundancy in case of link failure
Practical Scenario
Converged Datacenter Network + File Server Storage
[Diagram labels: File Server, Cluster / Storage, Manage, SAS, Hyper-V Server, Hyper-V Extensible Switch, VM 1, VM n, Live Migration, Datacenter Network, Tenants Network]
“Green Field”
• 10GbE Network(s)
• File Server for VM storage
• Actual storage may be an existing FC/iSCSI SANs or JBODs+Spaces