Hyper-V Backup and Secure DMZ Servers: A How-to Guide
From a security point of view, a secure option that is being used for example by VPS hosting providers that we work with, is to DMZ the VMs, not the hyper-v host.
By DMZ-ing the VMs instead of the host, you can access and backup the host as usual and have only the VMs exposed to the outside. Attackers cannot easily access the host from the VM. Only the Hyper-V integration services would potentially and theoretically permit some malicious software perhaps to talk to the host; however, Microsoft has safeguarded this quite well so far.
All strategies including the above have their own pros and cons:
- Adding a new backup NAS in the internal LAN and open the port between DMZ Hyper-V Server for backups
In that case the attacker takes over the host and can do whatever he wants, including damaging the backup device. By the way, ransomware does this, too. It can find network access shares and damage all files there as well.
- Adding a new NAS in the DMZ. Pro: no need change anything in the firewall
In that case the downside is the attacker could gain full access to the host, all VMs on it, and all backups of it, leaving you potentially with nothing to restore from in case of an attack.
If you DMZ all VMs using static IP addresses, the risk is limited to the internals of each VM. The downside is you need to DMZ all VMs separately, but the host would remain on the internal network and protected as-is, including backups etc.
Another security ‘trick’ is to setup an isolated virtual switch and attach a separate NIC for those DMZ VMs so the VMs have no way of talking to the internal network, including the host. That would give you another layer of security in case someone hacks into the VM.
Welcome to BackupChain, the Hyper-V Server Backup Software for IT Professionals!
Download BackupChain now, our Server 2016 backup software that is specifically made for IT pros. Cloud backup, Hyper-V virtual machine backup, VMware server backup, Exchange server backup, and complete file server backup, all in one package. Beyond server backup, BackupChain also includes a DIY cloud server that works on all versions of Windows from XP to Windows 10, and from Windows Server 2003 to Windows Server 2016.
Backup Software Overview
Server Backup SoftwareDownload BackupChain
Cloud Backup
Backup VMware Workstation
Backup FTP
Backup VirtualBox
Backup File Server
Hyper-V Backup
Backup Hyper-VPopular
- Hyper-V Links, Guides, Tutorials & Comparisons
- Veeam Alternative
- How to Back up Cluster Shared Volumes
- DriveMaker: Map FTP, SFTP, S3 Site to a Drive Letter (Freeware)
Resources
- Free Hyper-V Server
- Remote Desktop Services Blog
- SCDPM Blog
- SCOM Blog
- V4 Articles
- Knowledge Base
- FAQ
- Sitemap
- Backup Education
- Archive 2024
- Archive 2022
- Archive 2021
- Archive 2020
- Archive 2018
- Archive 2017
- Archive 2016
- Archive 2015
- Archive 2014
- Archive 2013
- Hyper-V Scripts in PowerShell
- FastNeuron
- BackupChain (Greek)
- BackupChain (Deutsch)
- BackupChain (Spanish)
- BackupChain (French)
- BackupChain (Dutch)
- BackupChain (Italian)
Backup Software List
BackupChain
Veeam
Unitrends
Symantec Backup Exec
BackupAssist
Acronis
Zetta
Altaro
Windows Server Backup
Microsoft DPM
Ahsay
CommVault
IBM
Other Backup How-To Guides
- Start a Hyper-V VM from the Command Line — How to
- Microsoft Hyper-V Backup for VHD and VHDX VMs
- Windows 11 Hyper-V Backup, Step-by-Step
- Windows 11 Final Release Free ISO Download Links
- Hyper-V Host Disk Backup, Physical Host and Virtual Machine Backup
- Copy a File From the Host to a VM Using a Powershell Script
- Freeware Backup Software–Watch Out!
- Granular Backup Software for Hyper-V
- Download Linux Integration Services 3.5 for Hyper-V
- What is Deduplication?
- Hyper-V Backup and Secure DMZ Servers: A How-to Guide
- Hyper-V on RAID is Slow…Why?
- Windows Server 2012 Failover Cluster Important Updates
- Free Disk2VHD Hyper-V VHDX Physical to Virtual Conversion P2V
- Before You Use Carbonite, Mozy, CrashPlan, Rackspace, Softlayer
- The Ultimate Hyper-V PowerShell Commands Cheat Sheet
- 13 Hyper-V Cluster Shared Volume Tips & Tricks
- How to Shut Down a Hyper-V Virtual Machine
- Backup Strategies for Large VMs with and without Deduplication
- How to Mount a VHDX to Windows using a PowerShell Script