Welcome to our Demo Tuesday Series. Each week, we will be highlighting a new product feature from the Hybrid Cloud Platform.
You can’t put virtual machines (VMs) under lock and key
Customers are virtualizing pretty much everything they can today, from SharePoint to SQL Server to Active Directory domain controllers. That has created an interesting new challenge. When workloads ran on physical machines, it was possible to physically secure them—put them in cages, padlock them, and protect them with actual security guards. Unfortunately, you can’t do that with virtualized machines.
Network admins, backup admins, server admins, storage admins, and potentially others have access to your virtual machines. Any one of them could inject malicious code into the virtual machine or upload a VM onto a USB and take it home for inspection, and you’d be none the wiser. Take a look:
Get the benefits of virtualization with the security of physical deployment
Shielded VMs in Windows Server 2016 allow you to keep malicious actors from stealing copies of your virtual machines. They are fully encrypted and will only run on approved guarded fabrics. That guarded fabric forces strong isolation boundaries between the host and its own virtual machines. From any other aspect, a Shielded VM is just like a normal VM, you can run it, back it up, and live migrate it with no additional operational hassle. That’s the power of the shield in shielded virtual machines.