As a Hyper-V MVP, I definitely had to visit Ben Armstrong’s presentation on the novelties of Hyper-V in Windows Server 2016. I already had the pleasure of having dinner with Ben on Monday night, so I had every opportunity to discuss Hyper-V related things.
I quickly discovered that Ben had crammed in a truckload of interesting new features directly or indirectly related to Hyper-V. Because of the amount of topics, the pace was high and could not go deeper than level 200, which is about right for the majority of attendees I suppose.
Here is a list of topics that were discussed.
Shielded Virtual Machines
The end to end solution comprises three things:
- Virtual TPM in a Generation 2 VM to support BitLocker
- Shielding a VM, take and make it so that the host admin cannot access it
- Host Guardian Service, an external service to guarantee that a host is safe and not tampered with before a shielded VM is placed on that host.
Key Storage Drive is an alternative for Generation 1 VM.
Guest Virtual Secure Mode
Allows Credential Guard and Device Guard to work in a virtual machine. It is very easy to turn on and everyone interested in a secure platform should turn it on. Read More »