With Windows Server 2019, Microsoft is adding resiliency and redundancy enhancements to the Shielded Virtual Machines security controls it introduced with Windows Server 2016.
Shielded VMs originally provided a way to protect virtual machine assets by isolating them from the hypervisor infrastructure and could also help prove to auditors that systems were adequately isolated and controlled. Now Shielded VM enhancements in Window Server 2019 provide real-time failback configurations and host- and policy-based security improvements.
Host key attestation
Under Windows Server 2016, key authentication was based on trusted platform module (TPM) cryptoprocessors and Microsoft Active Directory authentication. Both of these are great solutions but were limited when it comes to extensibility and redundancy.
(Insider Story)
Leave a Reply