diff --git a/salt/firewall/defaults.yaml b/salt/firewall/defaults.yaml
index fc5368e12..c9b864a18 100644
--- a/salt/firewall/defaults.yaml
+++ b/salt/firewall/defaults.yaml
@@ -12,6 +12,7 @@ firewall:
 eval: []
 fleet: []
 heavynode: []
+ hypervisor: []
 idh: []
 import: []
 localhost:
@@ -471,6 +472,15 @@ firewall:
 - elastic_agent_control
 - elastic_agent_data
 - elastic_agent_update
+ hypervisor:
+ portgroups:
+ - yum
+ - docker_registry
+ - influxdb
+ - elastic_agent_control
+ - elastic_agent_data
+ - elastic_agent_update
+ - sensoroni
 customhostgroup0:
 portgroups: []
 customhostgroup1:
@@ -523,6 +533,9 @@ firewall:
 desktop:
 portgroups:
 - salt_manager
+ hypervisor:
+ portgroups:
+ - salt_manager
 self:
 portgroups:
 - syslog
diff --git a/salt/manager/tools/sbin/so-firewall-minion b/salt/manager/tools/sbin/so-firewall-minion
index 66a0afcea..4b0fb766e 100755
--- a/salt/manager/tools/sbin/so-firewall-minion
+++ b/salt/manager/tools/sbin/so-firewall-minion
@@ -82,4 +82,7 @@ fi
 'DESKTOP')
 so-firewall includehost desktop "$IP" --apply
 ;;
+ 'HYPERVISOR')
+ so-firewall includehost hypervisor "$IP" --apply
+ ;;
 esac
diff --git a/setup/so-setup b/setup/so-setup
index bd8a8c6ba..005bf903d 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -624,6 +624,16 @@ if ! [[ -f $install_opt_file ]]; then
 set_minion_info
 whiptail_end_settings
+ elif [[ $is_hypervisor ]]; then
+ info "Setting up as node type hypervisor"
+ check_requirements
+ networking_needful
+ collect_mngr_hostname
+ add_mngr_ip_to_hosts
+ check_manager_connection
+ set_minion_info
+ whiptail_end_settings
+
 fi
 if [[ $waitforstate ]]; then
diff --git a/setup/so-whiptail b/setup/so-whiptail
index d950f2921..b25682acd 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
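Review bot: In salt/firewall/defaults.yaml, the second hunk (`@@ -471,6 +472,15 @@`) grants the new `hypervisor` host group seven portgroups with nothing recording which hypervisor-side service needs each one. Each entry presumably opens the owning role's services to every host later added to that group (the role key itself is outside the hunk), so the list should be the minimum the node actually uses. `influxdb` and the three `elastic_agent_*` groups are the ones most worth confirming against what a hypervisor node runs. I would add a comment above the block, for example `# hypervisor: one portgroup per service the hypervisor node runs; remove a group when that service is not deployed there`. The same applies to the `salt_manager` grant in the third hunk (`@@ -523,6 +533,9 @@`).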
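Review bot: In setup/so-setup, the added `elif [[ $is_hypervisor ]]; then` is a non-empty-string test, so any value of the variable, including `false`, selects the hypervisor branch. It matches the `[[ $waitforstate ]]` test visible at the end of the hunk, so this looks like a file-wide convention. An explicit comparison is still safer for a flag that decides which node role gets provisioned: `elif [[ $is_hypervisor == true ]]; then`. The enclosing `if`/`elif` chain starts outside the hunk.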
@@ -681,6 +681,7 @@ whiptail_install_type_dist_existing() {
 "HEAVYNODE" "Sensor + Search Node " \
 "IDH" "Intrusion Detection Honeypot Node " \
 "RECEIVER" "Receiver Node " \
+ "HYPERVISOR" "Hypervisor Node " \
 3>&1 1>&2 2>&3
 # "HOTNODE" "Add Hot Node (Uses Elastic Clustering)" \ # TODO
 # "WARMNODE" "Add Warm Node to existing Hot or Search node" \ # TODO
@@ -713,6 +714,8 @@ whiptail_install_type_dist_existing() {
 is_receiver=true
 elif [ "$install_type" = 'DESKTOP' ]; then
 is_desktop=true
+ elif [ "$install_type" = 'HYPERVISOR' ]; then
+ is_hypervisor=true
 fi
 local exitstatus=$?
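Review bot: In the second hunk (`@@ -713,6 +714,8 @@`), `local exitstatus=$?` sits after the closing `fi` of the chain that the new `elif` extends. `$?` there holds the status of the `if`/`elif` statement, which is 0 whether a branch's assignment runs or nothing matches, not the status of the menu command. If the whiptail call is the command that ends in the first hunk, a cancelled dialog would not be visible to whatever consumes `exitstatus`. Capturing the status on the line directly after the menu command, ahead of the `if` chain, would fix that. The chain also has no `else` arm, so an unexpected `install_type` sets no role flag; the function body starts and ends outside both hunks.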