Rogue sysadmins the target of Microsoft's new 'Shielded VM' security
VMware's also trying to stop Dennis Nedry in vSphere 6.5, but both trail the NSA and Xen
Virtual machine security is suddenly a hot spot: VMware's building a new product for it and has added new bits to vSphere 6.5 to enhance it. And Microsoft thinks it has found a new way to secure VMs.
Let's do Redmond first because its new “Shielded VMs” are one of the headline items in Windows Server and Hyper-V 2016.
As explained to The Register by Microsoft program manager Dean Wells, Redmond reckons one of the things that holds back virtualisation is that virtual machines aren't yet as verifiably secure as their bare metal brethren.
The main thing VMs are missing is something like Intel's trusted platform module (TPM), the cryptographic signing technique that binds a workloads to a known server. If you apply TPM to a server and then to an application, the workload just won't run unless it's on a server it's been told to trust. Or to put it in terms that Jurassic Park's Dennis Nedry would understand: without the magic word, you'll be locked out.
Wells feels the lack of TPM for virtual machines means some organisations keep sensitive workloads on bare metal because they fear rogue admins can take a VM and run it elsewhere. That fear is fair enough because with a .VHD or .VHDX file, or their equivalents for non-Microsoft hypervisors, it's trivial to run a virtual machine. Wells told The Register that Microsoft clients are worried by this, because storage admins, network admins, vanilla sysadmins and other Dennis Nedry types can access the resources on which virtual machines reside.
Shielded VMs aim to prevent VM exfiltration by providing a virtual equivalent to TPM, so that VMs just won't run unless they know the host is allowed to run them. Shielded VMs are also shorn of tools like VM console connection, PowerShell Direct and other things that let an admin reach out and touch them, reducing their attack surface along the way. Shielded VMs' disks are also encrypted (at rest and in motion) turning VMs from a portable package that can be plugged into a hypervisor and turning them into black boxes.
Hyper-V itself must undergo a rigorous health attestation process before being allowed to run shielded VMs and Microsoft proposes that the provisioning of new shielded VMs must also conform to a known & trustworthy baseline configuration or provisioning will be aborted.
Shielded VMs also boot from a virtual Unified Extensible Firmware Interface (UEFI), so that the state of the host and the VM can be verified as the VM fires up only releasing the encryption key if it’s still healthy.
Windows Server 2016's new Host Guardian Service (HGS) gets the job of verifying whether hosts are allowed to run a Shielded VM and/or are in a fit condition to run it.
With trusted hosts, only whitelisted VMs in operation (and then only after accounting for themselves as they boot), Microsoft feels you'll be able to embrace hybrid cloud with confidence, in a “trusted fabric” of infrastructure that could span multiple private and/or public data centres. For those yet to adopt TPM V2-enabled servers, there's also an option to use only Active Directory groups to verify VMs' Hyper-V host’s fitness for executing on shielded VMs.
Microsoft proudly told world+dog it was way out in front of the VM security race with Shielded VMs, which launched a couple of weeks back at Ignite. That lead was whittled away after a week as VMware launched vSphere 6.5 with UEFI-secured boot for hosts and guests, plus encryption for VMs in motion. For now VSphere itself can use TPM, but Virtzilla's guests can't do virtual TPM. So Microsoft's got a little lead here for now.
The Register understands that VMware's Project Goldilocks security product may not be far from its formal debut, so perhaps Virtzilla's security story is about to gain a new chapter.
For what it's worth, it looks like Xen has had virtual TPM since version 4.3 and that contributions from the NSA helped make it a reality.
Which means Shielded VMs are NSA-grade security. That's a good thing, right? ®