Microsoft Announces Secured-Core Hardware for Windows Server 2022 and Azure Stack HCI
Earlier this year, Microsoft unveiled its plans to expand the Secured-Core initiative to its server products to help protect organizations from firmware attacks. The company has recently unveiled its plans to expand the Secured-Core initiative are now available for enterprise customers.
“Partnering with leading original equipment manufacturers (OEMs) and silicon vendors, Secured-core servers use industry-standard hardware-based root of trust coupled with security capabilities built into today’s modern central processing units (CPUs). Secured-core servers use the Trusted Platform Module 2.0 and Secure boot to ensure that only trusted components load in the boot path,” the company explained in a blog post.
Microsoft noted that enterprise customers can now search for Secured-Core servers in the Windows Server and Azure Stack HCI online catalog lists. Currently, there are only four all-HPE products based on Azure Stack HCI and a bunch of products that support the Windows Server specifications.
Configure and manage Secured-Core servers using Windows Admin Center
Meanwhile, IT Admins will need to head to the Windows Admin Center in order to manage the Secure-Core servers’ configuration and status. The new Windows Admin Center UI makes it easier for IT Admins to configure the following Secured-Core features without running any complex commands in PowerShell:
- Virtualization-based security (VBS) — VBS leverages the power of Hyper-V and the virtualization features of the hardware to virtually isolate a specific memory segment from the OS. It helps to secure Windows 10 and Windows 11 PCs from security threats.
- Hypervisor-Protected Code Integrity (HVCI) — It is a virtualization-based security (VBS) feature in Windows that helps to prevent any modifications in Control Flow Guard (CFG) as well as validate device drivers’ certificates.
- Boot direct memory access (DMA) protection — The feature offers protection against “malicious and unintended Direct Memory Access (DMA)” attacks that target high-speed ports.
- System Guard — Windows Defender System Guard helps to protect the system and Windows 10 from boot-level malware attacks.
- Secure Boot — The security feature is designed to prevent malicious software from taking over Windows PCs at boot time
- TPM 2.0 — The latest version of the Trusted Platform Module (TPM) that secures the system via an integrated cryptographic key and prevents malicious attacks on the boot process and computer hardware.
Microsoft says that the new Secured-Core server specification provides “exceptional host security,” which should make it harder for attackers to target the enterprise networks. “Continuing to raise the security bar for critical infrastructure against attackers makes it easier for organizations to meet that higher bar, which is an important priority for both customers and Microsoft,” Microsoft noted.
You can head over to the dedicated page here to find out about Microsoft Security solutions.
More in Microsoft Azure
Microsoft's Azure AD Conditional Access Service Can Now Require Reauthentication
May 13, 2022 | Rabia Noureen
Microsoft Addresses Cross-Tenant Database Vulnerability in Azure PostgreSQL
Apr 29, 2022 | Rabia Noureen
Microsoft Simplifies IT Monitoring with New Azure Managed Grafana Service
Apr 19, 2022 | Rabia Noureen
Microsoft Adds Ampere ARM CPU Support to Azure Virtual Machines
Apr 5, 2022 | Rabia Noureen
System Center 2022 is Now Available with New Datacenter Management Capabilities
Apr 4, 2022 | Rabia Noureen
Cloud NAS Shootout: Amazon EFS/FSx versus Azure Files
Apr 4, 2022 | Arian Modiramani
Most popular on petri