What is new in Windows 10 1803 for PAW?

In this blog post, I’ll walk you through the new features which are relevant to the PAW solution in the latest Windows 10 1803 release. Offline HGS Prior to 1803 release, to start a shielded VM, the host must connect to the HGS server in order to perform health attestation. One of the top customer…


Apply Code Integrity Policy without reboot

There is a new Code Integrity policy option introduced in Windows 10, and it is available in Windows Server 2019 insider build “Update Policy No Reboot”. I got numerous questions around how to use this option, and here is the blogpost to answer it. What is this option? After the Windows Server 2016 release, we…


Rest easy with regulatory compliance in Windows Server 2016

[This blog post was originally published at: https://blogs.technet.microsoft.com/hybridcloud/2017/04/11/rest-easy-with-regulatory-compliance-in-windows-server-2016/] Last month we learned that Windows Server 2016 has achieved Common Criteria certification for the General Purpose OS protection profile. This international standard is especially important for our customers in the public sector, where Common Criteria certification is highly recommended or even required. That’s why Microsoft has…


Join Host Guardian Servers to an existing bastion forest

Shielded VM prevents unauthorized access from the host. To achieve this security assurance, there must be a role separation between the fabric admins (who manage the Guarded Hosts) and the HGS admins (who manage the Host Guardian Servers). By default, when you install the first HGS server, it will create its own forest, this will…


Windows Server 2016 security sessions at Microsoft Ignite 2016

If you’re going to Ignite next week, you don’t want to miss the Windows Server 2016 security sessions we prepared for you! Check out this blog post on the Hybrid Cloud blog that also feature some great videos created by our Program Managers! In addition, check out this webpage on which you can list all…