Shielded VMs

If your day job doesn't include work with Hyper-V, it's possible that you have never heard of shielded VMs. The name does a pretty good job of explaining this technology at a basic level. If a VM is a virtual machine, then a shielded VM must be a virtual machine that is shielded or protected in some way, right?

A shielded VM is essentially a VM that is encrypted. Rather, the hard drive file itself (the VHDX) is encrypted, using BitLocker. It sounds simple, but there are some decent requirements for making this happen. In order for the BitLocker encryption to work properly, the VM is injected with a virtual Trusted Platform Module (TPM) chip. TPMs are quickly becoming commonplace at a hardware level, but actually using them is ...

Get Mastering Windows Server 2019 - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.