Shielded VM Technology in Windows Server 2016
No need to go deep into hypervisor technologies and virtualization tools in order to understand the impressive possibilities offered by virtual machines. In any data center, virtualization is a key element today. With virtual machines, the tasks of deployment, management, maintenance and automation of IT infrastructure have been simplified, and VPS services have become widespread. But, despite numerous advantages, virtualization also requires special approaches to ensuring the security of the virtual infrastructure and applications.
In the case of virtual machines (VMs), we take the operating system, applications, and encapsulate them into several VM files, getting the opportunity to run several virtual machines (sometimes dozens) on one system at the same time. Virtual machines simplify the process of migration, backup, replication, but it also means that it has become easier to change or even copy the entire VM, your entire virtual server over the network or to a USB flash drive and carry it with you.
This concerns not only commercial, but even corporate data centers. As an example, a domain controller deployed in your data center. Imagine if a domain controller leaves your organization. This is literally "the keys to the apartment where the money is." Since everything is stored centrally, you can take out dozens of VMs and run them somewhere else. And in the case of hosting a third-party provider, the problem becomes even more acute.
')
Therefore, it is not necessary to talk about the relevance of the problem of data protection inside virtual machines - located both in public clouds and in a private internal cloud. And it is typical for any virtualization platform, be it VMware, Hyper-V, Xen, KVM, etc. How and from whom does the data need to be protected? Should administrators have access to them with different roles - virtualization administrators, domain administrators, network administrators, disk storage administrators?
Some will say: if Windows Server is used as the host operating system, then the problem is solved by encryption. Just add a virtual Trusted Platform Module (TPM) to the VM, and you can encrypt its contents using BitLocker. The idea is good, but does not work. Need more protection from the wiles of admins. After all, the administrator can theoretically do anything with the system, that is, he is able to remove any VM protection, unless special measures are taken. For example, in the case of virtual TPM (vTPM), it can find the encryption key in memory and decrypt the VM.
We need real VM protection, which will allow launching it only in a specific infrastructure environment and will completely protect against administrator actions, thereby eliminating a weak link in the information system, because the admin can potentially be forced to do anything you want by deception, bribery or blackmail. Moreover, this method is much cheaper and more affordable than hacker cyber attacks.
To do this, the Shielded VM technology in Windows Server 2016 (in Microsoft terminology, shielded virtual machines) serves to limit access to VM administrators and protect virtual machines from malicious code. The shielding technology of Shielded VM virtual machines is another reason to pay attention to Windows Server 2016. Who needs it first?
How does the Shielded VM protection work ? First, information security technologies with hardware security features isolate VMs from host administrators. Second, the Host Guardian Service can identify legitimate Hyper-V hosts and protect the encryption keys of a specific Shielded VM. Third, this is done using the second generation virtual Trusted Platform Module (vTPM) support for VMs. Encryption and authentication are widely used. So, in order.
Shielded VM is a fundamentally new Windows Server 2016 technology. However, the good old encryption is also used in it. Although it is not a panacea, one cannot do without it. It allows the owner of the virtual machine to enable encryption of volumes within the guest OS, for example, using the same BitLocker. Thus, the contents of the VM becomes inaccessible both to the malicious code if it is on the Hyper-V host where the VM is located, and to the administrator of this host.
The Shielded VM technology protects the virtual machines from being compromised and from administrators of any level by encrypting the disk and the VM state, after which only the owner will have access to it. And, the most interesting is that encryption keys are never stored on Hyper-V nodes with shielded VMs, which can significantly increase the security of the solution as a whole.
Another new Windows Server tool, Host Guardian Service (HGS), checks whether a Shielded VM can be run on this host, whether it’s legitimate, trusted, or host server. To do this, use the means of certifying the host and hardware boot metrics, as well as Code Integrity functions. All this allows you to check whether the host meets the required criteria, and whether it is possible to run the VM on it.
Host Guardian Service provides attestation - verification of the Hyper-V host and key protection required to run the Shielded VM secure virtual machine. HGS runs as a Windows Server 2016 role and includes two separate services — certification and key protection.
Thus, the process of VM screening in steps is simplified as follows:
Host Guardian Service Host Protection Service is a new role in Windows Server 2016 that allows virtual machines and data in them to be protected from unauthorized access even by Hyper-V administrators. Since encryption keys are never stored on Hyper-V nodes with shielded VMs, this can significantly increase the security of the solution as a whole.
HGS works as follows:
Thus, the contents of the VM remain inaccessible both to the malicious code on the Hyper-V host where the VM is located, and to the administrator of this host. What types of attacks does Shielded VM technology protect against? They are listed below.
Note that Shielded VM does not protect against DDoS attacks - a separate service is needed.
To boot the Shielded VM, the Unified Extensible Firmware Interface (UEFI) is used, rather than the traditional BIOS, Secure Boot is protected, VM disk encryption is enabled using BitLocker. VM data are protected by BitLocker, including during the Live Migration migration.
Shielded VM restricts access to a virtual machine for administrators of various levels. Only the VM administrator himself has this amount.
Thus, the Host Guardian Service, a new role in Windows Server 2016, allows you to protect your VM from unauthorized access by Hyper-V host administrators. An admin who does not have full rights to Shielded VM can only start or stop such a virtual machine, but not change its settings or view the contents.
Shielded VM requires a Windows Server 2012 or Windows 8 guest OS or higher. Shielded VM virtual machines (shielded) can also be created on the Azure Management Pack Portal. Standard virtual machines can also be converted to secure. In this case, as already noted, virtual disks are encrypted using BitLocker.
How can I certify a host, that is, make sure that the VM is running on a trusted system and on a member of the domain? There are two ways to do this: lightweight (Admin-Trusted) and enhanced (TPM-based).
The first one is mainly intended for enterprise data centers or especially trusted hosting providers and is based on Active Directory: in order to authorize a host to start a VM, it is included in the AD group. Hardware check is absent - any servers are suitable (without a crypto processor). This is a programmatic way to verify trusted nodes.
The second one, intended for the majority of hosters, is more complex and requires hardware with support for the TPM 2.0 and UEFI 2.3.1 crypto processor. Such equipment is still rare. So the choice of a specific method of protection also depends on the capabilities of the hardware. The hardware certification process looks like this:
In the presence of TMP, hardware verification is used - depending on the settings, binaries, hypervisors, etc. are checked. What should I do if there is no appropriate hardware - TPM 2.0 and UEFI? You can use the software. Host certification is performed through Kerberos and a domain controller. VM data is also encrypted and protected from admins, but there is no VM protection at the system level, for example, from viruses or keyloggers. However, this level of security is considered adequate in most cases. It only requires configuring the AD group.
AD with the program method (Admin-Trusted) is used to store information - instead of TMP. With the hardware method, more checks are performed, for example, the health state of the VM and the node is checked, but the program method makes it possible to use the existing IT infrastructure, so in the near future it will be the main one. To protect against failures, it is recommended to deploy three HGS servers. You can use DNS to lookup the HGS node. Note that you need to update the HGS along with the virtualization host.
Theoretically, these HGS servers can be virtual (work as Shielded VM), but this configuration is unreliable and will not start after a failure — at least one physical HGS server or at least a normal virtual server (not a Shielded VM) is recommended.
Managed by HGS from PowerShell or from the console, high availability (HA) mode supported, scaling. Particular attention should be paid to HGS security — physical server protection is recommended. Microsoft also recommends that you enable BitLocker and SecureBoot for HGS, enable the firewall and assign at least one static IP to each HGS node. To enable SSL for REST API calls, you need a valid SSL certificate. It specifies the name of the HGS Service FQDN.
All this fits into the concept of Microsoft Virtualization Based Security (VBS), which involves the protection of hypervisors, networks, etc. For security and isolation, VBS uses extensions of the virtualization platform. In Hyper-V, VBS is used to protect the host OS and guest VMs, servers, and clients.
Virtualization-based Security (VBS) uses hardware protection technology to create a security zone that is isolated from the kernel and applications. This ensures protection against external attacks.
The VBS hardware platform has the following requirements: availability of UEFI 2.3.1c for secure and controlled boot, TPM v2.0 for resource protection, virtualization expansion (Intel VT-X, AMD-V), address translation (Intel EPT, AMD RVI), memory protection hypervisor.
An important task is to ensure code integrity verification (Hypervisor Enforced Code Integrity). Currently, CI checks are performed from the kernel, and if the kernel is compromised, the code will be executed. In VBS, this is done safely. The hypervisor checks the access rights to each page of memory, the right to execute the code located there, and the integrity of the data. Thus, potential attacks through memory operations are significantly limited and protection against incorrect drivers is implemented.
Code Integrity with Virtualization-Based Security ensures that only authorized binary code is started on the system since it starts.
VBS includes many architectural changes and individual tools. For example, Virtual Security Mode (VSM) severely limits the actions of the host and VM. As part of VMS, a secure OS runtime and guest VMs are implemented, their integrity is checked, and the security of the VM Worker Process used in the Shielded VM process is enhanced to protect VM state information. Virtual TMP (vTPM) for guest machines supports TPM services, such as disk encryption.
It is necessary not only to restrict the access rights of the host admin to the guest VM. The administrator should not interfere with the operation of the host's operating system — the hypervisor must also be protected from its actions. These mechanisms are key to the implementation of VSM, which involves the protection of platforms, virtual machines and virtual equipment.
In essence, VMS is a set of methods for controlling memory (its protection, distribution, access rights), demarcation between operating systems, operations with platform “secrets” without disclosing them. VMS allows you to build new levels of security - Virtual Trust Levels (VTL). In Windows Server 2016, along with built-in security levels, you can create new VTL with more stringent requirements. VTL provides memory isolation, protects access to physical memory. At the VTL0 level, unprotected VMs work, at the VTL1 level - shielded VMs. You can create additional levels of VTL - they are hierarchical. Admin can not change VTL from host OS.
What is a VM running in VSM mode? This is a reduced kernel (proxy kernel, SMART or SKERNEL) that accesses the normal kernel via IUM (Isolated User Mode) using Intel VT-d. This mechanism protects virtual hardware resources from host administrator access.
An important point is protection against so-called DMA attacks, for example, “fake” drivers trying to compromise VSM memory. To control DMA memory, the hypervisor uses an IOMMU system.
The virtual machine must be protected in any state: turned off, running, or “moving.” This requires a motherboard with UEFI support, Secure Boot in the VM and support for TPM 2.0.
Trusted Platform Module (TPM) is an international standard crypto processor. Windows Server 2016 Hyper-V allows you to use virtual TPM for VM protection. As a result, VMs can use, for example, the BitLocker function. Virtual TPM does not require a physical TPM module. vTPM is a kind of virtual TPM device for guest VMs that allows you to encrypt their disks.
To protect the VM in "resting state" is vTPM. Virtual TPM does not require a physical TPM and allows you to move the VM. This is a virtual TPM 2.0 device. In addition, the guest VM disk is encrypted using BitLocker. VM traffic is also encrypted.
For each VM, a Virtual Machine Workerr Process (VMWP) is created. For Shielded VM, this is a protected process with debugger access denied and a number of functions restricted. Administrative access to Shielded VM is also limited. Access to it through VMconnect (in basic mode) is denied, RemoteFX is prohibited, unprotected WMI calls, KVP are disabled, integration components are disabled, the IMC registry is inserted, unprotected VDEV devices are removed. Such a VM can be controlled through built-in mechanisms. If the VM "broke", then for its repair you will need to disable the Shielded VM mode or restore it from a backup.
New Hyper-V security boundaries. The OS binaries are checked, the operating system restricts access to resources, and authentication is widely used. The guest OS works with the host through a secure VMWP. Virtual TPM encrypts VM data, and encryption keys are stored on an external server. Hypervisor, VSM, guest OS implement separate levels of security.
Of course, the level of shielding (protection) VM can be configured. A weaker level of protection can be used when you trust the host admin, or the host system does not support all the requirements of Shielded VM. In this case, reduced and unproductive losses due to shielding.
To make it all work, changes have been made to the security modes of the hypervisor. By default, he does not trust the host system, there is no direct access to the hypervisor from it, its access to key system resources is limited. Everything you need is done from the guest OS OS. The host operating system primarily implements management functions. The state of the hypervisor in the hibernation file is encrypted.
Thus, the data and state of Shielded VM are protected from admins and malware, VSM on the host is protected using vTPM, disk encryption is supported, and Shielded VM can only be run on a verified host. The deployment of shielded VMs and features of Shielded VM is described in this document.
With a view to hosting companies and large organizations, Windows Server 2016 also implements the Guarded Fabric toolkit. With it, you can flexibly configure your network infrastructure and divide it into segments so that you cannot intercept data, interfere from one virtual machine to another, and perform other operations that are contrary to security policies. Tens of thousands of virtual machines can function in the networks of cloud service providers, in the infrastructure of which IP-address conflicts can occur, virtualization systems with malware can appear. The task of Guarded Fabric is to prevent it.
Shared hosting and clouds are no longer unsafe - one of the main obstacles to using cloud services has been removed. Virtual servers can now be used for loads that previously, for security reasons, could only be performed on hardware platforms.
Is hosting safe?
In the case of virtual machines (VMs), we take the operating system, applications, and encapsulate them into several VM files, getting the opportunity to run several virtual machines (sometimes dozens) on one system at the same time. Virtual machines simplify the process of migration, backup, replication, but it also means that it has become easier to change or even copy the entire VM, your entire virtual server over the network or to a USB flash drive and carry it with you.
This concerns not only commercial, but even corporate data centers. As an example, a domain controller deployed in your data center. Imagine if a domain controller leaves your organization. This is literally "the keys to the apartment where the money is." Since everything is stored centrally, you can take out dozens of VMs and run them somewhere else. And in the case of hosting a third-party provider, the problem becomes even more acute.
')
Therefore, it is not necessary to talk about the relevance of the problem of data protection inside virtual machines - located both in public clouds and in a private internal cloud. And it is typical for any virtualization platform, be it VMware, Hyper-V, Xen, KVM, etc. How and from whom does the data need to be protected? Should administrators have access to them with different roles - virtualization administrators, domain administrators, network administrators, disk storage administrators?
Encryption and TPM - not a panacea
Some will say: if Windows Server is used as the host operating system, then the problem is solved by encryption. Just add a virtual Trusted Platform Module (TPM) to the VM, and you can encrypt its contents using BitLocker. The idea is good, but does not work. Need more protection from the wiles of admins. After all, the administrator can theoretically do anything with the system, that is, he is able to remove any VM protection, unless special measures are taken. For example, in the case of virtual TPM (vTPM), it can find the encryption key in memory and decrypt the VM.
We need real VM protection, which will allow launching it only in a specific infrastructure environment and will completely protect against administrator actions, thereby eliminating a weak link in the information system, because the admin can potentially be forced to do anything you want by deception, bribery or blackmail. Moreover, this method is much cheaper and more affordable than hacker cyber attacks.
To do this, the Shielded VM technology in Windows Server 2016 (in Microsoft terminology, shielded virtual machines) serves to limit access to VM administrators and protect virtual machines from malicious code. The shielding technology of Shielded VM virtual machines is another reason to pay attention to Windows Server 2016. Who needs it first?
| To whom | What for |
| Hoster | Can guarantee the protection of customer data from any actions of data center administrators. |
| To customers | They can transfer the load to the cloud or to a commercial data center and at the same time not fear for the safety, confidentiality and integrity of their information assets, and comply with the requirements of regulators. |
| Businesses | They get the opportunity to clearly separate Hyper-V administrators from performing critical workloads. |
How is this implemented?
How does the Shielded VM protection work ? First, information security technologies with hardware security features isolate VMs from host administrators. Second, the Host Guardian Service can identify legitimate Hyper-V hosts and protect the encryption keys of a specific Shielded VM. Third, this is done using the second generation virtual Trusted Platform Module (vTPM) support for VMs. Encryption and authentication are widely used. So, in order.
Shielded VM is a fundamentally new Windows Server 2016 technology. However, the good old encryption is also used in it. Although it is not a panacea, one cannot do without it. It allows the owner of the virtual machine to enable encryption of volumes within the guest OS, for example, using the same BitLocker. Thus, the contents of the VM becomes inaccessible both to the malicious code if it is on the Hyper-V host where the VM is located, and to the administrator of this host.
The Shielded VM technology protects the virtual machines from being compromised and from administrators of any level by encrypting the disk and the VM state, after which only the owner will have access to it. And, the most interesting is that encryption keys are never stored on Hyper-V nodes with shielded VMs, which can significantly increase the security of the solution as a whole.
Another new Windows Server tool, Host Guardian Service (HGS), checks whether a Shielded VM can be run on this host, whether it’s legitimate, trusted, or host server. To do this, use the means of certifying the host and hardware boot metrics, as well as Code Integrity functions. All this allows you to check whether the host meets the required criteria, and whether it is possible to run the VM on it.
Host Guardian Service provides attestation - verification of the Hyper-V host and key protection required to run the Shielded VM secure virtual machine. HGS runs as a Windows Server 2016 role and includes two separate services — certification and key protection.
Thus, the process of VM screening in steps is simplified as follows:
- Encrypting the state of the VM and its data, eliminating redundant administrative access to the virtual machine. Copying such a VM simply makes no sense.
- Encryption keys are stored on the external system. Just a virtual or hardware TPM is not suitable for this for two reasons: VMs are “prone to moving” from server to server, and the server administrator has access to TPM. In Server 2016, the Host Guardian Service is used for such external storage.
- The VM receives the key from a trusted host through the HGS at startup. Similarly, you can protect the guest OS Windows Server 2016, 2012 R2, 2008. The plans - Linux.
Host Guardian Service Host Protection Service is a new role in Windows Server 2016 that allows virtual machines and data in them to be protected from unauthorized access even by Hyper-V administrators. Since encryption keys are never stored on Hyper-V nodes with shielded VMs, this can significantly increase the security of the solution as a whole.
HGS works as follows:
- Hyper-V host requests a key from HGS.
- HGS responds that it has no data on the legality of the Hyper-V host.
- Then the Hyper-V host sends its identity to the HGS.
- HGS sends a certificate of conformity to the Hyper-V host.
- The Hyper-V host sends the request again and sends the HGS certificate.
- In response, HGS sends the encryption key to the security zone of the Hyper-V host virtualization environment.
Thus, the contents of the VM remain inaccessible both to the malicious code on the Hyper-V host where the VM is located, and to the administrator of this host. What types of attacks does Shielded VM technology protect against? They are listed below.
| Attack vector | Shielded VM Protection |
| VHD Theft by System Administrator | Shielded VM provides VHD encryption, the key is stored outside the host. |
| Using debug mode in Hyper-V | The HGS host does not issue keys to hosts with debuggers. HGS allows you to control it. |
| Hyper-V host infection by malicious code. | All software on the host (in kernel mode, user mode and drivers) is monitored, the integrity of the code (CI) is monitored. |
| Infection of disk template VM. | Shielded VMs are deployed from checked templates only. |
| Attempt to migrate Shielded VM to untrusted host. | Trusted hosts are added to the HGS with the unique identifiers of their TPMs. A new, not added host will not be recognized. |
Note that Shielded VM does not protect against DDoS attacks - a separate service is needed.
To boot the Shielded VM, the Unified Extensible Firmware Interface (UEFI) is used, rather than the traditional BIOS, Secure Boot is protected, VM disk encryption is enabled using BitLocker. VM data are protected by BitLocker, including during the Live Migration migration.
Shielded VM restricts access to a virtual machine for administrators of various levels. Only the VM administrator himself has this amount.
Thus, the Host Guardian Service, a new role in Windows Server 2016, allows you to protect your VM from unauthorized access by Hyper-V host administrators. An admin who does not have full rights to Shielded VM can only start or stop such a virtual machine, but not change its settings or view the contents.
Shielded VM requires a Windows Server 2012 or Windows 8 guest OS or higher. Shielded VM virtual machines (shielded) can also be created on the Azure Management Pack Portal. Standard virtual machines can also be converted to secure. In this case, as already noted, virtual disks are encrypted using BitLocker.
Trust but check
How can I certify a host, that is, make sure that the VM is running on a trusted system and on a member of the domain? There are two ways to do this: lightweight (Admin-Trusted) and enhanced (TPM-based).
The first one is mainly intended for enterprise data centers or especially trusted hosting providers and is based on Active Directory: in order to authorize a host to start a VM, it is included in the AD group. Hardware check is absent - any servers are suitable (without a crypto processor). This is a programmatic way to verify trusted nodes.
The second one, intended for the majority of hosters, is more complex and requires hardware with support for the TPM 2.0 and UEFI 2.3.1 crypto processor. Such equipment is still rare. So the choice of a specific method of protection also depends on the capabilities of the hardware. The hardware certification process looks like this:
- Runs Shielded VM.
- The client initiates an attestation protocol.
- The host sends metrics and code integrity monitoring results.
- Validates host metrics.
- The host is issued a signed certification certificate. This allows the launch of the VM.
In the presence of TMP, hardware verification is used - depending on the settings, binaries, hypervisors, etc. are checked. What should I do if there is no appropriate hardware - TPM 2.0 and UEFI? You can use the software. Host certification is performed through Kerberos and a domain controller. VM data is also encrypted and protected from admins, but there is no VM protection at the system level, for example, from viruses or keyloggers. However, this level of security is considered adequate in most cases. It only requires configuring the AD group.
AD with the program method (Admin-Trusted) is used to store information - instead of TMP. With the hardware method, more checks are performed, for example, the health state of the VM and the node is checked, but the program method makes it possible to use the existing IT infrastructure, so in the near future it will be the main one. To protect against failures, it is recommended to deploy three HGS servers. You can use DNS to lookup the HGS node. Note that you need to update the HGS along with the virtualization host.
Theoretically, these HGS servers can be virtual (work as Shielded VM), but this configuration is unreliable and will not start after a failure — at least one physical HGS server or at least a normal virtual server (not a Shielded VM) is recommended.
Managed by HGS from PowerShell or from the console, high availability (HA) mode supported, scaling. Particular attention should be paid to HGS security — physical server protection is recommended. Microsoft also recommends that you enable BitLocker and SecureBoot for HGS, enable the firewall and assign at least one static IP to each HGS node. To enable SSL for REST API calls, you need a valid SSL certificate. It specifies the name of the HGS Service FQDN.
Total protection
All this fits into the concept of Microsoft Virtualization Based Security (VBS), which involves the protection of hypervisors, networks, etc. For security and isolation, VBS uses extensions of the virtualization platform. In Hyper-V, VBS is used to protect the host OS and guest VMs, servers, and clients.
Virtualization-based Security (VBS) uses hardware protection technology to create a security zone that is isolated from the kernel and applications. This ensures protection against external attacks.
The VBS hardware platform has the following requirements: availability of UEFI 2.3.1c for secure and controlled boot, TPM v2.0 for resource protection, virtualization expansion (Intel VT-X, AMD-V), address translation (Intel EPT, AMD RVI), memory protection hypervisor.
An important task is to ensure code integrity verification (Hypervisor Enforced Code Integrity). Currently, CI checks are performed from the kernel, and if the kernel is compromised, the code will be executed. In VBS, this is done safely. The hypervisor checks the access rights to each page of memory, the right to execute the code located there, and the integrity of the data. Thus, potential attacks through memory operations are significantly limited and protection against incorrect drivers is implemented.
Code Integrity with Virtualization-Based Security ensures that only authorized binary code is started on the system since it starts.
VBS includes many architectural changes and individual tools. For example, Virtual Security Mode (VSM) severely limits the actions of the host and VM. As part of VMS, a secure OS runtime and guest VMs are implemented, their integrity is checked, and the security of the VM Worker Process used in the Shielded VM process is enhanced to protect VM state information. Virtual TMP (vTPM) for guest machines supports TPM services, such as disk encryption.
It is necessary not only to restrict the access rights of the host admin to the guest VM. The administrator should not interfere with the operation of the host's operating system — the hypervisor must also be protected from its actions. These mechanisms are key to the implementation of VSM, which involves the protection of platforms, virtual machines and virtual equipment.
In essence, VMS is a set of methods for controlling memory (its protection, distribution, access rights), demarcation between operating systems, operations with platform “secrets” without disclosing them. VMS allows you to build new levels of security - Virtual Trust Levels (VTL). In Windows Server 2016, along with built-in security levels, you can create new VTL with more stringent requirements. VTL provides memory isolation, protects access to physical memory. At the VTL0 level, unprotected VMs work, at the VTL1 level - shielded VMs. You can create additional levels of VTL - they are hierarchical. Admin can not change VTL from host OS.
What is a VM running in VSM mode? This is a reduced kernel (proxy kernel, SMART or SKERNEL) that accesses the normal kernel via IUM (Isolated User Mode) using Intel VT-d. This mechanism protects virtual hardware resources from host administrator access.
An important point is protection against so-called DMA attacks, for example, “fake” drivers trying to compromise VSM memory. To control DMA memory, the hypervisor uses an IOMMU system.
The virtual machine must be protected in any state: turned off, running, or “moving.” This requires a motherboard with UEFI support, Secure Boot in the VM and support for TPM 2.0.
Trusted Platform Module (TPM) is an international standard crypto processor. Windows Server 2016 Hyper-V allows you to use virtual TPM for VM protection. As a result, VMs can use, for example, the BitLocker function. Virtual TPM does not require a physical TPM module. vTPM is a kind of virtual TPM device for guest VMs that allows you to encrypt their disks.
To protect the VM in "resting state" is vTPM. Virtual TPM does not require a physical TPM and allows you to move the VM. This is a virtual TPM 2.0 device. In addition, the guest VM disk is encrypted using BitLocker. VM traffic is also encrypted.
For each VM, a Virtual Machine Workerr Process (VMWP) is created. For Shielded VM, this is a protected process with debugger access denied and a number of functions restricted. Administrative access to Shielded VM is also limited. Access to it through VMconnect (in basic mode) is denied, RemoteFX is prohibited, unprotected WMI calls, KVP are disabled, integration components are disabled, the IMC registry is inserted, unprotected VDEV devices are removed. Such a VM can be controlled through built-in mechanisms. If the VM "broke", then for its repair you will need to disable the Shielded VM mode or restore it from a backup.
New Hyper-V security boundaries. The OS binaries are checked, the operating system restricts access to resources, and authentication is widely used. The guest OS works with the host through a secure VMWP. Virtual TPM encrypts VM data, and encryption keys are stored on an external server. Hypervisor, VSM, guest OS implement separate levels of security.
Of course, the level of shielding (protection) VM can be configured. A weaker level of protection can be used when you trust the host admin, or the host system does not support all the requirements of Shielded VM. In this case, reduced and unproductive losses due to shielding.
- A basic level of. Uses TPM functions — vTPM is supported in the VM, Secure Boot, disk encryption, VSC, etc. are supported.
- Protection of this level is complemented by encryption of the VM state and migration traffic.
- Full screening, including limiting host administrator operations.
To make it all work, changes have been made to the security modes of the hypervisor. By default, he does not trust the host system, there is no direct access to the hypervisor from it, its access to key system resources is limited. Everything you need is done from the guest OS OS. The host operating system primarily implements management functions. The state of the hypervisor in the hibernation file is encrypted.
Thus, the data and state of Shielded VM are protected from admins and malware, VSM on the host is protected using vTPM, disk encryption is supported, and Shielded VM can only be run on a verified host. The deployment of shielded VMs and features of Shielded VM is described in this document.
With a view to hosting companies and large organizations, Windows Server 2016 also implements the Guarded Fabric toolkit. With it, you can flexibly configure your network infrastructure and divide it into segments so that you cannot intercept data, interfere from one virtual machine to another, and perform other operations that are contrary to security policies. Tens of thousands of virtual machines can function in the networks of cloud service providers, in the infrastructure of which IP-address conflicts can occur, virtualization systems with malware can appear. The task of Guarded Fabric is to prevent it.
Shared hosting and clouds are no longer unsafe - one of the main obstacles to using cloud services has been removed. Virtual servers can now be used for loads that previously, for security reasons, could only be performed on hardware platforms.
Source: https://habr.com/ru/post/318476/
All Articles