With Windows Server 2016, Microsoft introduces a new security feature for Hyper-V: the so-called Host Guardian Service. Protecting hosts and other virtual machines from a virtual machine (VM) running malicious software is well understood; the new requirement is the reverse direction, protecting virtual machines from a compromised host (or from a compromised fabric administrator).
To protect against a compromised fabric, Windows Server 2016 Hyper-V introduces "shielded" VMs. A shielded VM is a generation 2 VM (with a guest OS of Windows Server 2012 or later) that has a virtual TPM, is encrypted using BitLocker and can only run on healthy and approved hosts in the fabric. Shielded VMs and guarded fabric enable cloud service providers or enterprise private cloud administrators to provide a more secure environment for tenant VMs. A guarded fabric consists of:
- One Host Guardian Service (HGS) cluster.
- One or more guarded hosts.
- A set of shielded virtual machines.
When a tenant creates shielded VMs that run on a guarded fabric, both the Hyper-V hosts and the shielded VMs themselves are protected by the HGS. The HGS provides two distinct services: attestation and key protection. The attestation service ensures that only trusted Hyper-V hosts can run shielded VMs, while the key protection service releases the keys necessary to power them on and to live migrate them to other guarded hosts. The keys used by the key protection service can be stored in a hardware security module (HSM). Because these keys are released only to hosts that have passed attestation, even administrators with full access to a Hyper-V host cannot power on a shielded VM on a host outside the guarded fabric.
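The following PowerShell is an added example, not part of the original article or of Microsoft's documentation. It shows the host side of the two services described above: a Hyper-V host is pointed at the HGS attestation and key protection endpoints, and a check then confirms that the host really passes attestation before it is treated as a guarded host. The HGS DNS name `hgs.relecloud.com` and the default service name `HGS` (which produce the `/Attestation` and `/KeyProtection` URL paths) are assumptions; replace them with your own values.

```powershell
# Added example (not from the original article): configure a Hyper-V host as an HGS client
# and verify that it passes attestation before treating it as a guarded host.
# Assumption: HGS is reachable as hgs.relecloud.com with the default service name "HGS".
# Run in an elevated PowerShell session on the Hyper-V host (HgsClient module).

$HgsFqdn = 'hgs.relecloud.com'   # hypothetical HGS cluster name

# Point the host at the two HGS services: attestation (proves the host is healthy) and
# key protection (hands out the keys needed to start a shielded VM, only to attested hosts).
Set-HgsClientConfiguration `
    -AttestationServerUrl   "http://$HgsFqdn/Attestation" `
    -KeyProtectionServerUrl "http://$HgsFqdn/KeyProtection"

function Test-GuardedHost {
    # Returns $true only when the host is configured against HGS AND its most recent
    # attestation attempt succeeded. Anything else means HGS will not release key
    # protector keys to this host, so shielded VMs cannot be powered on here.
    $cfg = Get-HgsClientConfiguration

    if (-not $cfg.IsHostGuarded) {
        Write-Warning "Host is not a guarded host (Mode: $($cfg.Mode))."
        return $false
    }
    if ($cfg.AttestationStatus -ne 'Passed') {
        # Typical values besides Passed: Failed, Expired, InsecureHost, UnauthorizedHost,
        # NotConfigured; the substatus names the failing measurement or policy.
        Write-Warning ("Attestation status: {0}; substatus: {1}" -f `
            $cfg.AttestationStatus, $cfg.AttestationSubstatus)
        return $false
    }
    return $true
}

if (Test-GuardedHost) {
    Write-Output "Host attested against $($HgsFqdn); shielded VMs can be started here."
}
else {
    # Collect diagnostics: TPM/Secure Boot state, baseline and code integrity policy
    # mismatches, and connectivity to the attestation and key protection URLs.
    Get-HgsTrace -RunDiagnostics -Detailed
}
```

On a host that was never registered with HGS (or whose measured boot or code integrity policy no longer matches what HGS trusts), `Test-GuardedHost` returns `$false` even for a local administrator: the host can be fully controlled, but without a successful attestation HGS never releases the key that unwraps the VM's virtual TPM and BitLocker-protected disk, which is the property the article describes.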