Shielded VM is a unique security feature introduced by Microsoft in Windows Server 2016. It has undergone a lot of enhancements in Windows Server 2019. This article discusses improvements to the feature. For an introduction to the feature and detailed steps for deployment, see the following link:
Attestation Modes
The feature initially supported two attestation modes: Active Directory-based attestation and TPM-based attestation. TPM-based attestation provides enhanced security protections, as it uses a Trusted Platform Module (TPM) as a hardware root of trust. It supports measured boot and code integrity. Key mode attestation is a new addition, supplanting AD-based attestation, which is still present but deprecated from Windows Server 2019 onwards. The following link contains information about setting up the Host Guardian Service (HGS) node using key mode attestation:
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-initialize-hgs-key-mode-default
Key mode attestation is preferred when TPM hardware is unavailable. It is easier to configure but comes with some security risks, as it does not involve a hardware root of trust. For the most stringent security, using TPM-based attestation along with a TPM 2.0 chip is recommended.
HGS Backup Feature
Since the HGS cluster is a critical piece of the shielded VM solution, Microsoft has provided an enhancement to incorporate a second set of HGS URLs. If the primary HGS server is unresponsive, Hyper-V guarded hosts can attest and launch the shielded VMs without any downtime. This requires two HGS servers to be set up, with the VMs independently attested with both the servers during deployment. The following command is used to enable the VMs to be attested by both HGS clusters.
# Replace https://hgs.primary.com and https://hgs.backup.com with your own domain names and protocols
Set-HgsClientConfiguration -KeyProtectionServerUrl 'https://hgs.primary.com/KeyProtection' -AttestationServerUrl 'https://hgs.primary.com/Attestation' -FallbackKeyProtectionServerUrl 'https://hgs.backup.com/KeyProtection' -FallbackAttestationServerUrl 'https://hgs.backup.com/Attestation'
For the Hyper-V host to pass attestation with both primary and fallback servers, attestation information must be up to date on both HGS clusters.
Offline Mode
Offline mode allows shielded VMs to start even when the HGS cluster is unreachable. To enable this mode, run the following command on an HGS node:
Set-HgsKeyProtectionConfiguration –AllowKeyMaterialCaching:$true
After running the command, restart all VMs to enable the cacheable key protector.
Note: Any security configuration change on the Hyper-V causes this offline mode to become invalid. The host must attest with an HGS server before VMs can start in offline mode again.
Linux Shielded VM
Microsoft supports shielded VMs running Linux as the guest OS. For more details on which Linux distributions and versions can be used, see the following link:
https://docs.microsoft.com/en-us/windows-server/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-linux-shielded-vm-template
Important Guidelines
There are a few important guidelines to be followed when deploying shielded VMs:
- When upgrading from Windows Server 2016 to Windows Server 2019, clear all security configurations. Apply them again after the upgrade on the HGS and the guarded hosts for the solution to work seamlessly.
- Template disks can only be used with the secure shielded VM provisioning process. Attempting to boot a regular (unshielded) VM using a template disk will likely result in a stop error (blue screen) and is unsupported.