Select Page

Allowing an additional host to run a VM with virtual TPM

First published on TECHNET on Oct 25, 2016 Recently a colleague got a new PC and asked me how he could migrate his existing virtual machines to his new system. Because he had enabled a virtual Trusted Platform Module (TPM) ... continue reading

How to deploy a VM template for PAW

First published on TECHNET on Nov 01, 2017 Continuing with the PAW series, after you followed the previous blog to build the PAW device, you can now deploy PAW VMs on it. There are two types of VMs you can ... continue reading

Shielded VMs – additional considerations when running a guarded fabric

First published on TECHNET on Apr 21, 2017 So you’ve deployed a guarded fabric and your VMs are running happily. Having now reached that perfect steady state, let's have a look at the operational and administrative differences relative to a ... continue reading
Shielded VMs: A conceptual review of the components and steps necessary to deploy a guarded fabric

Shielded VMs: A conceptual review of the components and steps necessary to deploy a guarded fabric

First published on TECHNET on Mar 14, 2017 [This post was authored by Dean Wells, Principal Program Manager on the Windows Server team] If you're anything like me, you probably find it immensely helpful having an end-to-end conceptual view of ... continue reading
Join Host Guardian Servers to an existing bastion forest

Join Host Guardian Servers to an existing bastion forest

First published on TECHNET on Mar 07, 2017 Shielded VM prevents unauthorized access from the host. To achieve this security assurance, there must be a role separation between the fabric admins (who manage the Guarded Hosts) and the HGS admins ... continue reading
Host Guardian Service - AD-based vs. TPM-based attestation

Host Guardian Service – AD-based vs. TPM-based attestation

First published on TECHNET on Aug 16, 2016 [This post is authored by Dean Wells, Principal Program Manager for the Windows Server Security Product Team] Overview The Host Guardian Service (HGS) is a new role in Windows Server 2016 that ... continue reading

Step-by-step: Quick reference guide to deploying guarded hosts

First published on TECHNET on Jun 08, 2016 My original blog post on the topic of deploying Shielded VMs without VMM included the instructions to deploy guarded hosts. Based on feedback around keeping the blog posts short and scenario-focused, I ... continue reading

Step by step – Creating Shielded VMs without VMM

First published on TECHNET on Jun 06, 2016 Hi, I’m Jane, one of the newest members of the Windows Server Security Product Team. My very first hands-on experience is to deploy Shielded VMs with the minimum amount of hardware. It ... continue reading

A closer look at shielded VMs in Windows Server 2016

First published on TECHNET on May 10, 2016 [This blog post was originally published in the Windows Server Blog ] This post was authored by Jeff Woolsey, Principal Program Manager, Windows Server. On this week’s Microsoft Mechanics show, we bring ... continue reading
Step by Step - Configuring Key Protection for the Host Guardian Service in Windows Server 2016

Step by Step – Configuring Key Protection for the Host Guardian Service in Windows Server 2016

First published on TECHNET on Mar 28, 2016 [This post is authored by Sumesh Kumar, Program Manager for the Enterprise and Security Product Team] The “Key Protection Service” (KPS) is one of the two services that run as part of ... continue reading
Loading...