>- Phoning home: Hyper-V is designed to scale up to data center/cloud levels. Those operators do not appreciate software phoning home and have the skills to prevent that. Even if MS's EULAs allow Hyper-V to phone home I'd be surprised if it does in practice

We recently had a security audit and no problems. But as we sling personal data required to be protected by law over here (the same laws that torpedoed safe harbour, but not only on a personal level, so the requirements are a notch higher) my main worry is that another audit might tut-tut on using Hyper-V as it might contain a backdoor for NSA, having no written guarantee not to phone home and we did not have the knowledge to erect an outbound firewall blocking all of MS tries...

...
>The above are products mostly aimed at installation on dedicated server computers (possible exception being KVM on Linux). If anyone is interested in running VMs on a Windows workstation, Oracle VM VirtualBox is a reasonable free choice. There apparently is a version of VirtualBox for Linux but a few years back it was buggy and I don't know of any reason you'd want to use that instead of KVM on a Linux workstation.

Some of our VM's started on VPC, but most lived a long time under Virtualbox. Now the secured stuff is on walled in boxes in datacenter running XP VMs on Hyper-V. Currently focus of security audit is on physical security against 3rd person access, backup strategies and allowing only access encrypted, certificated and pwd-protected. But Snowden woke some people up and brought slow moving process changes on the map - but those tend to have high inertia.

Hyper-V created VMs with HAL put a stop to re-using your VM on a different host OS without some fiddling - whichwas not necessary for some years, not caring if the location I worked in used VirtualPC or VirtualBox. For dev tasks bleeding edge perf VMs not necessary, that is only needed on our batch work horses. Having a proven migration path in case current host system gets a no-no from security audit is a business benefit besides the personal effect of reusing "my" VM in customer nets. The flip side might be for me to run my VMs under the same host used in secure server and try to isolate "personal" stuff in linux VMs running there.