Shielded VMs

Shielded VMs, or Shielded Virtual Machines, are a security feature introduced in Windows Server 2016 for protecting Hyper-V Generation 2 virtual machines (VMs) from unauthorized access or tampering.

Hyper-V Shielded VMs are protected through a combination of Secure Boot, BitLocker encryption, Virtual Trusted Platform Module (TPM) and the Host Guardian Service.

How Hyper-V Shielded VMs Work

Shielded VMs boot from a virtual Unified Extensible Firmware Interface (UEFI) as opposed to a traditional BIOS, providing Secure Boot protection and enabling BitLocker disk encryption inside the VM’s virtual disks. The BitLocker encryption handles protecting the data both at rest and when being transmitted across the network during Live Migrations.

The Host Guardian Service, a new role in Windows Server 2016, enables shielded virtual machines, protecting them from unauthorized access by Hyper-V host administrators. As a result, any administrator without full rights to a Shielded VM will be able to power it on or off, but they won’t be able to alter its settings or view the contents of the VM in any way.

Shielded VMs require Windows Server 2012 or Windows 8 or later, and they will not run unless the Hyper-V host is on the Host Guardian Service. New Shielded Virtual Machines can be created within the Azure Pack management portal, and existing VMs can be converted to shielded VMs.

Forrest Stroud
Forrest is an experienced, entrepreneurial and well-rounded professional with 15+ years covering technology, business software, website design, programming and more.

Top Articles

The Complete List of 1500+ Common Text Abbreviations & Acronyms

Text Abbreviations reviewed by Web Webster   From A3 to ZZZ we list 1,559 SMS, online chat, and text abbreviations to help you translate and understand...

Windows Operating System History & Versions

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

Generations of Computers (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

How to Find Your...

SSID is short for Service Set IDentifier. In layman’s terms, an...

Monday.com

Monday.com is a cloud-based work operating system that can be used for a...

Secure Socket Tunneling Protocol...

The secure socket tunneling protocol (SSTP) is a VPN protocol where...