Shielded VMs

Shielded VMs, or Shielded Virtual Machines, are a security feature introduced in Windows Server 2016 for protecting Hyper-V Generation 2 virtual machines (VMs) from unauthorized access or tampering.

Hyper-V Shielded VMs are protected through a combination of Secure Boot, BitLocker encryption, Virtual Trusted Platform Module (TPM) and the Host Guardian Service.

How Hyper-V Shielded VMs Work

Shielded VMs boot from a virtual Unified Extensible Firmware Interface (UEFI) as opposed to a traditional BIOS, providing Secure Boot protection and enabling BitLocker disk encryption inside the VM’s virtual disks. The BitLocker encryption handles protecting the data both at rest and when being transmitted across the network during Live Migrations.

The Host Guardian Service, a new role in Windows Server 2016, enables shielded virtual machines, protecting them from unauthorized access by Hyper-V host administrators. As a result, any administrator without full rights to a Shielded VM will be able to power it on or off, but they won’t be able to alter its settings or view the contents of the VM in any way.

Shielded VMs require Windows Server 2012 or Windows 8 or later, and they will not run unless the Hyper-V host is on the Host Guardian Service. New Shielded Virtual Machines can be created within the Azure Pack management portal, and existing VMs can be converted to shielded VMs.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.

Related Articles

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

How To Defend Yourself Against Identity Theft

Almost every worldwide government agency responsible for identity theft issues will tell you the same thing: The first step to fighting identity theft is...

Infographic

An infographic is a visual representation of information or data. It combines the words information and graphic and includes a collection of imagery, charts,...

Phishing

What is phishing? Phishing is a type of cybercrime in which victims are contacted by email, telephone, or text message by an attacker posing as...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...