Sergey Nivens - Fotolia

Take advantage of new functionalities for Hyper-V Generation 2 VMs

Windows Server 2016 provides advanced security for VMs and enables the user to boot Linux VMs securely and to hot add and remove network cards and memory.

Generation 2 VMs, sometimes referred to as Gen 2 VMs, provide the best performance for applications and OSes that run inside Hyper-V VMs. Gen 2 VMs have the ability to communicate with the Hyper-V host directly, which circumvents communication delays. While Gen 1 VMs support BIOS-based virtualization architecture, Gen 2 VMs support Unified Extensible Firmware Interface architecture, which helps run VMs more securely. Hyper-V Generation 2 VMs support a number of notable features, such as Preboot Execution Environment, booting from SCSI and/or SCSI Virtual DVD and Secure Boot, which Windows VMs enable by default.

Windows Server 2016 includes new Hyper-V Generation 2 VM functionalities, as listed below:

  • Hot add and remove network cards and memory: It's possible to add and remove network cards and memory while the VM runs. The hot add and remove feature works for both Windows and Linux VMs, but the VM must be created using Generation 2.
  • Secure Boot for Linux VMs: All versions of Windows OSes and some Linux distributions support booting VMs securely. For Windows VMs, the Secure Boot option is enabled by default, but you must enable Secure Boot for Linux VMs. Once enabled, Secure Boot ensures that a Windows OS doesn't boot if the OS Loader has been modified by a malware or malicious code.
  • Virtualization-based security: Other important Windows Server 2016 features provide security for VMs running on Generation 2. Device Guard and Credential Guard help run VMs securely by protecting the VM's OS from malware. The Device Guard feature hardens the VM OS against malware and ensures that only known code is loaded during boot. The Credential Guard feature isolates user mode from kernel mode and minimizes pass-the-hash attacks.

It's also worth mentioning that it's possible to host OS paging with a secondary virtual hard disk in Generation 2 VMs. Generation 2 requires an OS running Windows Server 2012, Windows Server 2012 R2, Windows 8, Windows 8.1, Windows 10 or Windows Server 2016. However, you should install the newest OS in Hyper-V Generation 2 VMs to take advantage of new features in Windows Server 2016.

Next Steps

Understand Hyper-V files and folders

Navigate the top Hyper-V 2016 features

Upgrade the VM configuration version in Hyper-V

Think you know all there is about Hyper-V Gen 2 VMs? Take this quiz.

Dig Deeper on Microsoft Hyper-V management