What’s new with Hyper-V 2016? (Shielded VMs)

Not too long ago, I was fortunate enough to attend the MMS 2016 (Midwest Management Summit). During one of the presentations, I learned some pretty neat things about Windows Server 2016 especially around Hyper-V. One cool feature, “Shielded Virtual Machines“.

What shielded VMs ensures that Hyper-V administrators do not have the ability to alter and/or view the VM settings/data/contents, unless specified. This is great for environments, ie. Banks/Financial Institutions, Governments, Education, etc. environments to ensure their data is protected, even from the ones that administer their environments.

There are a few catches:

  • VM must be a Gen-2 (Generation 2)
  • VM must be Windows Server 2012 or higher, or
  • VM must be Windows 8 or higher

When creating the VM, the shielded VM has a virtual TPM (Trusted Platform Module) assigned and BitLocker encryption is applied to only allow designated owners to access the VM. The shielded VM will not run unless the Hyper-V host is on the Host Guardian Server. All of the VMs data and state information is encrypted, and cannot be accessed.

For more information on Shielded VMs, please visit Microsoft’s post HERE.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s