Join Host Guardian Servers to an existing bastion forest
First published on TECHNET on Mar 07, 2017 Shielded VM prevents unauthorized access from the host. To achieve this security assurance, there must be a role separation between the fabric admins (who manage the Guarded Hosts) and the HGS admins ... continue reading
Step by Step: Shielding existing VMs without VMM
First published on TECHNET on Sep 01, 2016 Continuing on the topic of Shielded VMs from my last blog on creating shielded VMs, this blogpost will share my learnings from validating the scenario. This blogpost doesn't dive deep in terminologies ... continue reading
Host Guardian Service – AD-based vs. TPM-based attestation
First published on TECHNET on Aug 16, 2016 [This post is authored by Dean Wells, Principal Program Manager for the Windows Server Security Product Team] Overview The Host Guardian Service (HGS) is a new role in Windows Server 2016 that ... continue reading
Step-by-step: Quick reference guide to deploying guarded hosts
First published on TECHNET on Jun 08, 2016 My original blog post on the topic of deploying Shielded VMs without VMM included the instructions to deploy guarded hosts. Based on feedback around keeping the blog posts short and scenario-focused, I ... continue reading
Step by Step – Shielded VM Recovery
First published on TECHNET on Jun 07, 2016 Shielded VMs protect the data and state of a Virtual Machine against inspection, theft and tampering from malware and datacenter administrators and they do so both at rest and in-flight. One of ... continue reading
Step by step – Creating Shielded VMs without VMM
First published on TECHNET on Jun 06, 2016 Hi, I’m Jane, one of the newest members of the Windows Server Security Product Team. My very first hands-on experience is to deploy Shielded VMs with the minimum amount of hardware. It ... continue reading
A closer look at shielded VMs in Windows Server 2016
First published on TECHNET on May 10, 2016 [This blog post was originally published in the Windows Server Blog ] This post was authored by Jeff Woolsey, Principal Program Manager, Windows Server. On this week’s Microsoft Mechanics show, we bring ... continue reading
Overview of Host Guardian Service (HGS) Diagnostics
First published on TECHNET on May 04, 2016 [This post is authored by Jim Hughes, Software Engineer for the Windows Server Team] The Host Guardian Service (HGS) is a principal component in enabling Hyper-V to host Shielded VMs in Windows ... continue reading
Step by Step – Configuring Key Protection for the Host Guardian Service in Windows Server 2016
First published on TECHNET on Mar 28, 2016 [This post is authored by Sumesh Kumar, Program Manager for the Enterprise and Security Product Team] The “Key Protection Service” (KPS) is one of the two services that run as part of ... continue reading
Step by Step – Creating Shielded VMs
First published on TECHNET on Mar 23, 2016 [This post is authored by Dean Wells, Principal Program Manager for the Windows Server Security Product Team] In this blog, we’ll walk through the steps necessary to create a shielded VM and ... continue reading
