none
Winodws 2008 R2 VM RRS feed

  • Question

  • Hello Support,

    I have Windows 2019 standard as host and a Windows Server 2008 R2 running a legacy software.  I would like to know how I can keep this VM Windows 2008 R2 going safely?  I know after 1/14/2020 there will be no updates.  How can disconnect the connection to the internet and but not keep it in the network?  Or any other recommendation in this situation.

    I appreciate all your help.

    Jamshid

    Tuesday, December 3, 2019 12:15 AM

All replies

  • Hello,

    Thank you for posting in our forum.

    Here're some answers of your questions.

    Q1: >>I would like to know how I can keep this VM Windows 2008 R2 going safely? 
    A1: According to my understanding, the safe operation of the VM you mentioned is to allow the VM to run normally. You can consider the following aspects: install patches on time, enable the windows firewall, and regularly back up the VM.

    In addition, as the support for win 2008R2 is coming to an end, we recommend that you upgrade your virtual machine as soon as possible. 

    Q2:>>How can disconnect the connection to the internet and but not keep it in the network? 
    A2: If you want to disconnect from the external network, I suggest you use an internal or private virtual switch. For more information, you can refer to:Create a virtual switch for Hyper-V virtual machines 

    Hope the information can be helpful and if there is anything else we can do for you, please feel free to post in the forum.

    Best regards,
    Cynthia

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 3, 2019 10:07 AM
  • Hi,

    You could consider isolating your network / VLAN for your Windows Server 2008 R2 virtual machines.
    A How-To Guide on Setting Up Hyper-V VLANs

    Then simply don't allow the Windows Server 2008 R2 virtual machines to communicate out to the Internet.

    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    Tuesday, December 3, 2019 10:37 AM
  • Hi,

     

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

     

    Best Regards,

    Cynthia


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, December 6, 2019 9:06 AM
  • Hi,

     

    Just want to confirm the current situations.

     

    Please feel free to let us know if you need further assistance.

     

    Best Regards,

    Cynthia


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 11, 2019 9:33 AM
  • Hi Cynthia,

    thank you for all your help.  i have currently removed the default gateway from IP settings of the server 2008R2.  Do you think this is adequate to do the jo?  I appreciate your feedback.

    Thanks,

    Jamshid

    Thursday, December 19, 2019 3:29 PM
  • It might help a bit, but here are also a few other things taken from THIS article you should consider:

    Multi-layer security: First things first, adding a network firewall and network application firewall will add multiple layers of security around the system. The server will still have to perform security functions but these added lines of defense will be critical in protecting your assets.

    Go offline: Network isolation is a credible option for extending the lifespan of WS2008 & WS2008R2. Isolating all Sever 2008/2008R2 instances from central services will significantly reduce the risk of a breach. If possible, cut off any connection to the internet unless absolutely necessary.

    Access restriction and monitoring: As much as possible, limit access to the physical server while locking down non-critical services. Ensure logging is active and check regularly for unauthorized access or suspicious activity.

    Regular back-ups: This is not just a security consideration. Expect high failure rates on end of support equipment, so regular backups will prevent extensive data loss. As often as possible, backup system data to an external system. I’d also consider a secondary backup in the cloud. Microsoft’s Azure Backup Services is a recommended location.

    Application whitelisting: The opposite of application blacklisting, this process dictates the applications that have permission to run, rather than those that do not. Ensuring only permitted applications are active is an effective method for locking out zero-day exploits and other malware.


    Blog: https://thesystemcenterblog.com LinkedIn:

    Thursday, December 19, 2019 3:51 PM
  • Thank you Leon.  I appreciate your help.

    Have a great day.

    Jamshid

    Friday, December 20, 2019 12:09 AM
  • You're welcome, you have a great day as well!

    (Please don't forget to mark helpful replies as answer)


    Blog: https://thesystemcenterblog.com LinkedIn:

    Friday, December 20, 2019 12:10 AM
  • Hi,

    I am glad to hear that your issue was successfully resolved.

    If there is anything else we can do for you, please feel free to post in the forum.

    Have a nice day!

    Cynthia


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, December 20, 2019 6:47 AM