Data Centre


Rogue sysadmins the target of Microsoft's new 'Shielded VM' security

VMware's also trying to stop Dennis Nedry in vSphere 6.5, but both trail the NSA and Xen

By Simon Sharwood


Virtual machine security is suddenly a hot spot: VMware's building a new product for it and has added new bits to vSphere 6.5 to enhance it. And Microsoft thinks it has found a new way to secure VMs.

Let's do Redmond first because its new “Shielded VMs” are one of the headline items in Windows Server and Hyper-V 2016.

As explained to The Register by Microsoft program manager Dean Wells, Redmond reckons one of the things that holds back virtualisation is that virtual machines aren't yet as verifiably secure as their bare metal brethren.

The main thing VMs are missing is something like Intel's trusted platform module (TPM), the cryptographic signing technique that binds a workloads to a known server. If you apply TPM to a server and then to an application, the workload just won't run unless it's on a server it's been told to trust. Or to put it in terms that Jurassic Park's Dennis Nedry would understand: without the magic word, you'll be locked out.

Wells feels the lack of TPM for virtual machines means some organisations keep sensitive workloads on bare metal because they fear rogue admins can take a VM and run it elsewhere. That fear is fair enough because with a .VHD or .VHDX file, or their equivalents for non-Microsoft hypervisors, it's trivial to run a virtual machine. Wells told The Register that Microsoft clients are worried by this, because storage admins, network admins, vanilla sysadmins and other Dennis Nedry types can access the resources on which virtual machines reside.

Shielded VMs aim to prevent VM exfiltration by providing a virtual equivalent to TPM, so that VMs just won't run unless they know the host is allowed to run them. Shielded VMs are also shorn of tools like VM console connection, PowerShell Direct and other things that let an admin reach out and touch them, reducing their attack surface along the way. Shielded VMs' disks are also encrypted (at rest and in motion) turning VMs from a portable package that can be plugged into a hypervisor and turning them into black boxes.

Hyper-V itself must undergo a rigorous health attestation process before being allowed to run shielded VMs and Microsoft proposes that the provisioning of new shielded VMs must also conform to a known & trustworthy baseline configuration or provisioning will be aborted.

Shielded VMs also boot from a virtual Unified Extensible Firmware Interface (UEFI), so that the state of the host and the VM can be verified as the VM fires up only releasing the encryption key if it’s still healthy.

Windows Server 2016's new Host Guardian Service (HGS) gets the job of verifying whether hosts are allowed to run a Shielded VM and/or are in a fit condition to run it.

With trusted hosts, only whitelisted VMs in operation (and then only after accounting for themselves as they boot), Microsoft feels you'll be able to embrace hybrid cloud with confidence, in a “trusted fabric” of infrastructure that could span multiple private and/or public data centres. For those yet to adopt TPM V2-enabled servers, there's also an option to use only Active Directory groups to verify VMs' Hyper-V host’s fitness for executing on shielded VMs.

Microsoft proudly told world+dog it was way out in front of the VM security race with Shielded VMs, which launched a couple of weeks back at Ignite. That lead was whittled away after a week as VMware launched vSphere 6.5 with UEFI-secured boot for hosts and guests, plus encryption for VMs in motion. For now VSphere itself can use TPM, but Virtzilla's guests can't do virtual TPM. So Microsoft's got a little lead here for now.

The Register understands that VMware's Project Goldilocks security product may not be far from its formal debut, so perhaps Virtzilla's security story is about to gain a new chapter.

For what it's worth, it looks like Xen has had virtual TPM since version 4.3 and that contributions from the NSA helped make it a reality.

Which means Shielded VMs are NSA-grade security. That's a good thing, right? ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Microsoft releases new containerised cut of Windows Server

When Nano Server or Server Core are too small, 'windows' will be in the Goldilocks zone

Linux, HCI and more, all from the new release of Windows Server 2019

Customers in it for the long term get parity with the flighty Semi-Annual Channel crowd

Windows Server 2008 SP2 gets new support model

Updated What? Remember that Redmond’s added support to 2026 and this makes sense

Windows Admin Center gets an update, just in time for Server 2019

Who wouldn't like a Honolulu holiday? Legacy Windows admins, that's who

Windows Server 2019 Essentials incoming – but cheapo product's days are numbered

Look on the bright side, there’s always the cloud. What could go wrong?

New Windows Server preview ships with an AI crystal ball

Adds ‘System Insights’ to predict future capacity requirements, but Hyper-V 2019 remains mysterious

Microsoft patches patch for Meltdown bug patch: Windows 7, Server 2008 rushed an emergency fix

If at first you don't succeed, you're Redmond

Microsoft adds nothing to new Semi-Annual Windows Server preview

The firewall might not work. It can corrupt data. Why haven't you downloaded it yet?

Using Docker and Windows Server Containers? There's a patch for that

Remote code execution vuln found lurking in Microsoft's open-sourced shim

Windows Subsystem for Linux is coming to Windows Server

CMD, PowerShell and Bash. Three command line interfaces should be enough for anyone?