Microsoft_Press_ebook_Introducing_Windows_Server_2012_R2_PDF.pdf

In addition being able to extend the functionality of

This preview shows page 132 - 133 out of 242 pages.

In addition, being able to extend the functionality of the Hyper-V networking by adding extensions made it easier to add new networking functionality to Hyper-V without needing to replace or upgrade the switch. You’d also be able to use the same tools for managing these extensions that you use for managing other aspects of Hyper-V networking, namely the Hyper-V Manager console, Windows PowerShell, and Windows Management Instrumentation (WMI). And because these extensions integrate into the existing framework of Hyper-V networking, they automatically work with other capabilities, like Live Migration. A number of other advanced capabilities were also integrated by Microsoft into the Hyper-V Virtual Switch in Windows Server 2012 to help enhance security, monitoring, and troubleshooting functionality. These additional capabilities included the following: DHCP guard Helps safeguard against Dynamic Host Configuration Protocol (DHCP) man-in-the-middle attacks by dropping DHCP server messages from unauthorized VMs pretending to be DHCP servers MAC address spoofing Helps safeguard against attempts to use ARP spoofing to steal IP addresses from VMs by allowing VMs to change the source media access control (MAC) address in outgoing packets to an address that is not assigned to them Router guard Helps safeguard against unauthorized routers by dropping router advertisement and redirection messages from unauthorized VMs pretending to be routers Port mirroring Enables monitoring of a VM’s network traffic by forwarding copies of destination or source packets to another VM being used for monitoring purposes Port ACLs Helps enforce virtual network isolation by allowing traffic filtering based on MAC or IP address ranges Isolated VLANs Allows segregation of traffic on multiple VLANs to facilitate isolation of tenant networks through the creation of PVLANs Trunk mode Allows directing traffic from a group of VLANs to a specific VM Bandwidth management Allows guaranteeing a minimum amount of bandwidth and/or enforcing a maximum amount of bandwidth for each VM Enhanced diagnostics Allows packet monitoring and event tracing through the extensible switch using ETL and Unified Tracing
Image of page 132

Subscribe to view the full document.

Learn more CHAPTER 5 121 Hyper-V Virtual Switch in Windows Server 2012 R2 Besides adding the vRSS capability described earlier in this chapter, Windows Server 2012 R2 builds on the many improvements added to the Hyper-V Virtual Switch in the previous Windows Server version by adding other new capabilities: Enhanced extended port ACLs Hyper-V Virtual Switch Extended Port ACLs now allow you to specify the socket port number when you create new port ACL rules. You can also configure unidirectional port rules and include a timeout parameter. These improvements make port ACLs more useful for safeguarding data center resources in multitenant cloud environments and for enforcing security policies for tenants.
Image of page 133
You've reached the end of this preview.
  • Spring '16

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern