上QQ阅读APP看书,第一时间看更新
Encrypt your Hyper-V Guest VMs
In a virtualized environment, encrypting guest virtual machines is another layer of protection that you can add in Hyper-V. You may wonder what the need is for this if encrypting the Hyper-V host itself can protect against stolen physical disks. Enabling BitLocker inside your virtual machines protects against stolen virtual disks as well. For example, if an attacker manages to gain access to an online Hyper-V, host and VHDX or VHD files can be downloaded or stolen.
Here is the screenshot from Hyper-V 2016 in which the vTPM option is disabled by default. As soon you turn on the feature, it can share virtualized TPM instances with VMs: