Bookmark this! |Shielded VM resources

Shielded Virtual Machines (SVM)

A Shielded VM is a generation 2 (supported on Windows Server 2012 and later) that has a virtual TPM, is encrypted using BitLocker and can only run on healthy and approved hosts in a guarded fabric. Shielded VMs in a guarded fabric, enable Cloud Service Providers (CSP) or enterprise private cloud administrators to provide a more secure environment for tenant VMs. A guarded fabric is comprised of one Host Guardian Service (HGS)—typically, a cluster of 3 nodes—one or more guarded hosts, running a set of Shielded Virtual Machines.

Keep up-to-date on the latest announcements, which will be posted on the Datacenter and Private Cloud Security Blog.



Implementation and Management

Datacenter and Private Cloud Security Blog posts


Technical Deep Dives

Applicable to Server 2016 covering concepts of: VBS, HVCI, Credential Guard, Device Guard Code Integrity (CI), Measured Boot and remote attestation.

Hyper-V Generation 2 Overviews

Note: for this topic, Parts 1 and 6 are most relevant to the Guarded fabric discussion. Parts 8 and 10 may be useful to for migration scenarios to enable SVMs.




Comments (0)

Skip to main content