Managing the Host Guardian Service

Applies to: Windows Server 2019, Windows Server (Semi-Annual Channel), Windows Server 2016

The Host Guardian Service (HGS) is the centerpiece of the guarded fabric solution. It is responsible for ensuring that Hyper-V hosts in the fabric are known to the hoster or enterprise and running trusted software, and for managing the keys used to start up shielded VMs. When a tenant decides to trust you to host their shielded VMs, they are placing their trust in your configuration and management of the Host Guardian Service. Therefore, it is very important to follow best practices when managing the Host Guardian Service to ensure the security, availability and reliability of your guarded fabric. The guidance in the following sections addresses the most common operational issues facing administrators of HGS.

Limiting admin access to HGS

Due to the security-sensitive nature of HGS, it is important to ensure that its administrators are highly trusted members of your organization and, ideally, separate from the administrators of your fabric resources. Additionally, it is recommended that you only manage HGS from secure workstations using secure communication protocols, such as WinRM over HTTPS.

Separation of Duties

When setting up HGS, you are given the option of creating an isolated Active Directory forest just for HGS or joining HGS to an existing, trusted domain. This decision, as well as the roles you assign to the admins in your organization, determines the trust boundary for HGS. Whoever has access to HGS, whether directly as an admin or indirectly as an admin of something else that can influence HGS (e.g. Active Directory), has control over your guarded fabric. HGS admins choose which Hyper-V hosts are authorized to run shielded VMs and manage the certificates necessary to start up shielded VMs. An attacker or malicious admin who has access to HGS can use this power to authorize compromised hosts to run shielded VMs, initiate a denial-of-service attack by removing key material, and more.

To avoid this risk, it is strongly recommended that you limit the overlap between the admins of your HGS (including the domain to which HGS is joined) and your Hyper-V environments. By ensuring no one admin has access to both systems, an attacker would need to compromise 2 different accounts belonging to 2 individuals to complete his mission of changing the HGS policies. This also means that the domain and enterprise admins for the two Active Directory environments should not be the same person, nor should HGS use the same Active Directory forest as your Hyper-V hosts. Anyone who can grant themselves access to more resources poses a security risk.

Using Just Enough Administration

HGS comes with Just Enough Administration (JEA) roles built in to help you manage it more securely. JEA helps by allowing you to delegate admin tasks to non-admin users, meaning the people who manage HGS policies need not actually be admins of the entire machine or domain. JEA works by limiting which commands a user can run in a PowerShell session and by using a temporary local account behind the scenes (unique for each user session) to run the commands that normally require elevation.

HGS ships with 2 JEA roles preconfigured:

  • HGS Administrators, which allows users to manage all HGS policies, including authorizing new hosts to run shielded VMs.
  • HGS Reviewers, which only allows users the right to audit existing policies. They cannot make any changes to the HGS configuration.

To use JEA, you first need to create a new standard user and make them a member of either the HGS admins or HGS reviewers group. If you used Install-HgsServer to set up a new forest for HGS, these groups will be named "servicenameAdministrators" and "servicenameReviewers", respectively, where servicename is the network name of the HGS cluster. If you joined HGS to an existing domain, you should refer to the group names you specified in Initialize-HgsServer.

Create standard users for the HGS administrator and reviewer roles

$hgsServiceName = (Get-ClusterResource HgsClusterResource | Get-ClusterParameter DnsName).Value
$adminGroup = $hgsServiceName + "Administrators"
$reviewerGroup = $hgsServiceName + "Reviewers"

New-ADUser -Name 'hgsadmin01' -AccountPassword (Read-Host -AsSecureString -Prompt 'HGS Admin Password') -ChangePasswordAtLogon $false -Enabled $true
Add-ADGroupMember -Identity $adminGroup -Members 'hgsadmin01'

New-ADUser -Name 'hgsreviewer01' -AccountPassword (Read-Host -AsSecureString -Prompt 'HGS Reviewer Password') -ChangePasswordAtLogon $false -Enabled $true
Add-ADGroupMember -Identity $reviewerGroup -Members 'hgsreviewer01'

Audit policies with the reviewer role

On a remote machine that has network connectivity to HGS, run the following commands in PowerShell to enter the JEA session with the reviewer credentials. It is important to note that since the reviewer account is just a standard user, it cannot be used for regular Windows PowerShell remoting, Remote Desktop access to HGS, etc.

Enter-PSSession -ComputerName <hgsnode> -Credential '<hgsdomain>\hgsreviewer01' -ConfigurationName 'microsoft.windows.hgs'

You can then check which commands are allowed in the session with Get-Command and run any allowed commands to audit the configuration. In the example below, we check which policies are enabled on HGS.
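The audit below is an added example and not code from the original page: it opens the JEA session with the reviewer account created earlier, records which commands the endpoint exposes, and reports which attestation policies are enabled and which are switched off. The node name 'hgs01' and the domain prefix 'hgs' are placeholders, and PolicyEnabled is assumed to be the property name on the objects Get-HgsAttestationPolicy returns.

```powershell
# Added example (not from the original page). Placeholders: hgs01 = an HGS node,
# hgs\hgsreviewer01 = the reviewer account created in the previous step.
# The endpoint name 'microsoft.windows.hgs' is the JEA configuration the page uses.
$cred = Get-Credential -UserName 'hgs\hgsreviewer01' -Message 'HGS reviewer credentials'
$session = New-PSSession -ComputerName 'hgs01' -Credential $cred -ConfigurationName 'microsoft.windows.hgs'

# 1. Record which commands the reviewer role may run: evidence that the role really is read-only.
$allowed = Invoke-Command -Session $session -ScriptBlock { Get-Command } | Select-Object -ExpandProperty Name
$allowed | Sort-Object -Unique

# 2. Pull every attestation policy with its enabled state.
#    PolicyEnabled is assumed to be the property name on the Get-HgsAttestationPolicy output.
$policies = Invoke-Command -Session $session -ScriptBlock { Get-HgsAttestationPolicy }
$policies | Select-Object Name, PolicyType, PolicyEnabled | Format-Table -AutoSize

# 3. Flag what an auditor should look at: any policy that is currently disabled. For Microsoft
#    'Hgs_' policies, compare against the default policy table at the end of this page.
$policies | Where-Object { -not $_.PolicyEnabled } |
    ForEach-Object { Write-Warning ("Disabled policy: {0} ({1})" -f $_.Name, $_.PolicyType) }

Remove-PSSession -Session $session
```

Because the reviewer role is read-only, the script only reports; a disabled Hgs_ policy is a finding to hand to an HGS administrator, not something this session can change.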



Type the command Exit-PSSession or its alias, exit, when you are done working with the JEA session.

Add a new policy to HGS using the administrator role

To actually change a policy, you need to connect to the JEA endpoint with an identity that belongs to the 'hgsAdministrators' group. In the example below, we show how you can copy a new code integrity policy to HGS and register it using JEA. The syntax may be different from what you are used to. This is to accommodate some of the restrictions in JEA, such as not having access to the full file system.

$cipolicy = Get-Item "C:\temp\cipolicy.p7b"
$session = New-PSSession -ComputerName <hgsnode> -Credential '<hgsdomain>\hgsadmin01' -ConfigurationName 'microsoft.windows.hgs'
Copy-Item -Path $cipolicy -Destination 'User:' -ToSession $session

# Now that the file is copied, we enter the interactive session to register it with HGS
Enter-PSSession -Session $session
Add-HgsAttestationCiPolicy -Name 'New CI Policy via JEA' -Path 'User:\cipolicy.p7b'

# Confirm it was added successfully
Get-HgsAttestationPolicy -PolicyType CiPolicy

# Finally, remove the PSSession since it is no longer needed
Remove-PSSession -Session $session

Monitoring HGS

Event sources and forwarding

Events from HGS will show up in the Windows event log under 2 sources:

  • HostGuardianService-Attestation
  • HostGuardianService-KeyProtection

You can view these events by opening Event Viewer and navigating to Microsoft-Windows-HostGuardianService-Attestation and Microsoft-Windows-HostGuardianService-KeyProtection.

In a large environment, it is often preferable to forward events to a central Windows Event Collector to make analysis of the events easier. For more information, see the Windows Event Forwarding documentation.
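As an added example (not from the original page), the following script summarises the last 24 hours of critical, error and warning events from the two HGS event sources, grouped by event ID so that a burst of identical failures shows as one row. The '/Operational' channel names are an assumption; confirm them with Get-WinEvent -ListLog '*HostGuardianService*' on a node.

```powershell
# Added example (not from the original page). Run on an HGS node, or against a collector that receives
# forwarded HGS events. Channel names below are assumed; verify with Get-WinEvent -ListLog '*HostGuardianService*'.
$logs = @(
    'Microsoft-Windows-HostGuardianService-Attestation/Operational',
    'Microsoft-Windows-HostGuardianService-KeyProtection/Operational'
)
$since = (Get-Date).AddHours(-24)

foreach ($log in $logs) {
    # Level 1 = Critical, 2 = Error, 3 = Warning. Get-WinEvent raises a non-terminating error when nothing
    # matches, so suppress it and treat an empty result as "nothing to report".
    $events = Get-WinEvent -FilterHashtable @{ LogName = $log; StartTime = $since; Level = 1, 2, 3 } -ErrorAction SilentlyContinue
    if (-not $events) {
        Write-Output "$log : no critical/error/warning events since $since"
        continue
    }

    # Group by event ID so repeated failures (for example one host failing attestation over and over)
    # collapse into a single row with a count and the first line of a sample message.
    $events | Group-Object Id | Sort-Object Count -Descending |
        Select-Object @{ n = 'Log'; e = { $log } },
                      Count,
                      @{ n = 'EventId'; e = { $_.Name } },
                      @{ n = 'Sample'; e = { ($_.Group[0].Message -split "`n")[0] } } |
        Format-Table -AutoSize
}
```

Schedule this (or the equivalent collector query) rather than running it by hand; a sustained rise in the attestation source's error count is usually the first visible sign that hosts have stopped passing attestation.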

Using System Center Operations Manager

You can also use System Center 2016 - Operations Manager to monitor HGS and your guarded hosts. The guarded fabric management pack has event monitors to check for common misconfigurations that can lead to datacenter downtime, including hosts not passing attestation and HGS servers reporting errors.

To get started, install and configure SCOM 2016 and download the guarded fabric management pack. The included management pack guide explains how to configure the management pack and understand the scope of its monitors.

Backing up and restoring HGS

Disaster recovery planning

When drafting your disaster recovery plans, it is important to consider the unique requirements of the Host Guardian Service in your guarded fabric. Should you lose some or all of your HGS nodes, you may face immediate availability problems that will prevent users from starting up their shielded VMs. In a scenario where you lose your entire HGS cluster, you will need to have complete backups of the HGS configuration on hand to restore your HGS cluster and resume normal operations. This section covers the steps necessary to prepare for such a scenario.

First, it is important to understand what about HGS needs to be backed up. HGS retains several pieces of information that help it determine which hosts are authorized to run shielded VMs. This includes:

  1. Active Directory security identifiers for the groups containing trusted hosts (when using Active Directory attestation);
  2. Unique TPM identifiers for each host in your environment;
  3. TPM policies for each unique configuration of host; and
  4. Code integrity policies that determine which software is allowed to run on your hosts.

These attestation artifacts require coordination with the admins of your hosting fabric to obtain, potentially making it difficult to get this information again after a disaster.

Additionally, HGS requires access to 2 or more certificates used to encrypt and sign the information required to start up a shielded VM (the key protector). These certificates are well known (used by the owners of shielded VMs to authorize your fabric to run their VMs) and must be restored after a disaster for a seamless recovery experience. Should you not restore HGS with the same certificates after a disaster, each VM would need to be updated to authorize your new keys to decrypt its information. For security reasons, only the VM owner can update the VM configuration to authorize these new keys, meaning that failure to restore your keys after a disaster will result in each VM owner needing to take action to get their VMs running again.

Preparing for the worst

To prepare for a complete loss of HGS, there are 2 steps you must take:

  1. Back up the HGS attestation policies
  2. Back up the HGS keys

Guidance on how to perform both of these steps is provided in the Backing up HGS section.

It is additionally recommended, but not required, that you back up the list of users authorized to manage HGS in its Active Directory domain, or Active Directory itself.

Backups should be taken regularly to ensure the information is up to date, and stored securely to avoid tampering or theft.

It is not recommended to back up or attempt to restore an entire system image of an HGS node. In the event you have lost your entire cluster, the best practice is to set up a brand new HGS node and restore just the HGS state, not the entire server OS.

Recovering from the loss of one node

If you lose one or more nodes (but not every node) in your HGS cluster, you can simply add nodes to your cluster following the guidance in the deployment guide. The attestation policies will sync automatically, as will any certificates which were provided to HGS as PFX files with accompanying passwords. For certificates added to HGS using a thumbprint (commonly non-exportable and hardware-backed certificates), you will need to ensure each new node has access to the private key of each certificate.

Recovering from the loss of the entire cluster

If your entire HGS cluster goes down and you are unable to bring it back online, you will need to restore HGS from a backup. Restoring HGS from a backup involves first setting up a new HGS cluster per the guidance in the deployment guide. It is highly recommended, but not required, to use the same cluster name when setting up the recovery HGS environment to assist with name resolution from hosts. Using the same name avoids having to reconfigure hosts with new attestation and key protection URLs. If you restored objects to the Active Directory domain backing HGS, it is recommended that you remove the objects representing the HGS cluster, computers, service account and JEA groups before initializing the HGS server.

Once you have set up your first HGS node (i.e. it has been installed and initialized), you will follow the procedures under Restoring HGS from a backup to restore the attestation policies and the public halves of the key protection certificates. You will need to restore the private keys for your certificates manually according to the guidance of your certificate provider (e.g. import the certificate in Windows, or configure access to HSM-backed certificates). After the first node is set up, you can continue to add nodes to the cluster until you have reached the capacity and resiliency you desire.

Backing up HGS

The HGS administrator should be responsible for backing up HGS on a regular basis. A complete backup will contain sensitive key material that must be appropriately secured. Should an untrusted entity gain access to these keys, they could use that material to set up a malicious HGS environment for the purpose of compromising shielded VMs.

Backing up the attestation policies

To back up the HGS attestation policies, run the following command on any working HGS server node. You will be prompted to provide a password. This password is used to encrypt any certificates that were added to HGS using a PFX file (as opposed to a certificate thumbprint).

Export-HgsServerState -Path C:\temp\HGSBackup.xml


If you are using admin-trusted attestation, you must separately back up the membership of the security groups used by HGS to authorize guarded hosts. HGS will only back up the SIDs of the security groups, not the membership within them. In the event these groups are lost during a disaster, you will need to recreate the group(s) and add each guarded host to them again.

Backing up certificates

The Export-HgsServerState command will back up any PFX-based certificates added to HGS at the time the command is run. If you added certificates to HGS using a thumbprint (typical for non-exportable and hardware-backed certificates), you will need to manually back up the private keys for those certificates. To identify which certificates are registered with HGS and need to be backed up manually, run the following PowerShell command on any working HGS server node.

Get-HgsKeyProtectionCertificate | Where-Object { $_.CertificateData.GetType().Name -eq 'CertificateReference' } | Format-Table Thumbprint, @{ Label = 'Subject'; Expression = { $_.CertificateData.Certificate.Subject } }

For each of the certificates listed, you will need to manually back up the private key. If you are using a software-based certificate that is non-exportable, you should contact your certificate authority to ensure they have a backup of your certificate and/or can reissue it on demand. For certificates created and stored in hardware security modules, you should consult the documentation for your device for guidance on disaster recovery planning.

You should store the certificate backups alongside your attestation policy backups in a secure location so that both pieces can be restored together.

Additional configuration to back up

The backed up HGS server state will not include the name of your HGS cluster, any information from Active Directory, or any SSL certificates used to secure communications with the HGS APIs. These settings are important for consistency but not critical to getting your HGS cluster back online after a disaster.

To capture the name of the HGS service, run Get-HgsServer and note the flat name in the Attestation and Key Protection URLs. For example, if the Attestation URL is "http://hgs.contoso.com/Attestation", "hgs" is the HGS service name.

The Active Directory domain used by HGS should be managed like any other Active Directory domain. When restoring HGS after a disaster, you will not necessarily need to recreate the exact objects that are present in the current domain. However, it will make recovery easier if you back up Active Directory and keep a list of the JEA users authorized to manage the system, as well as the membership of any security groups used by admin-trusted attestation to authorize guarded hosts.

To identify the thumbprint of the SSL certificates configured for HGS, run the following command in PowerShell. You can then back up those SSL certificates according to your certificate provider's instructions.

Get-WebBinding -Protocol https | Select-Object certificateHash
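Taken together, the backup steps in this section can be run as one script. The following is an added example, not part of the original page: it writes the exported state, the list of thumbprint-registered certificates whose private keys need manual backup, and the service name and SSL certificate hash into a timestamped folder. The folder path is a placeholder, and it is assumed that the Get-HgsServer output exposes the attestation URLs as an AttestationUrl property.

```powershell
# Added example (not from the original page). Run on any working HGS node as an HGS administrator.
# C:\HgsBackup is a placeholder; the folder is restricted to administrators before anything is written into it.
$backupRoot = Join-Path 'C:\HgsBackup' (Get-Date -Format 'yyyyMMdd-HHmm')
New-Item -ItemType Directory -Path $backupRoot | Out-Null
icacls $backupRoot /inheritance:r /grant:r 'BUILTIN\Administrators:(OI)(CI)F' 'SYSTEM:(OI)(CI)F' | Out-Null

# 1. Attestation policies plus any PFX-based certificates, encrypted with the supplied password.
#    Keep the password with the backup owner, never inside the backup folder.
$password = Read-Host -AsSecureString -Prompt 'Backup password'
Export-HgsServerState -Path (Join-Path $backupRoot 'HGSBackup.xml') -Password $password

# 2. Certificates registered by thumbprint are NOT in the export. Record them so their private keys
#    can be backed up by hand through the CA or HSM procedure described in the section above.
$byThumbprint = Get-HgsKeyProtectionCertificate |
    Where-Object { $_.CertificateData.GetType().Name -eq 'CertificateReference' } |
    Select-Object Thumbprint, @{ n = 'Subject'; e = { $_.CertificateData.Certificate.Subject } }
$byThumbprint | Export-Csv -Path (Join-Path $backupRoot 'ManualCertBackupList.csv') -NoTypeInformation

# 3. Non-critical but useful for a like-for-like rebuild: the HGS service name (flat name taken from the
#    attestation URL; AttestationUrl is an assumed property name) and the SSL certificate hash from IIS.
$server = Get-HgsServer
$serviceName = ([Uri]($server.AttestationUrl | Select-Object -First 1)).Host.Split('.')[0]
$sslHash = Get-WebBinding -Protocol https | Select-Object -ExpandProperty certificateHash
@{ ServiceName = $serviceName; SslCertificateHash = $sslHash; ExportedOn = (Get-Date).ToString('o') } |
    ConvertTo-Json | Set-Content -Path (Join-Path $backupRoot 'HgsMetadata.json')

# Review what was produced, then move the folder off the node to secured storage.
Get-ChildItem -Path $backupRoot
```

The export file holds the same key material an attacker would need to stand up a rogue HGS, which is why the folder ACL is locked down first and the password is never written alongside it.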

Restoring HGS from a backup

The following steps describe how to restore HGS settings from a backup. The steps are relevant both when you are trying to undo changes made to your already-running HGS instances and when you are standing up a brand new HGS cluster after a complete loss of your previous one.

Set up a replacement HGS cluster

Before you can restore HGS, you need to have an initialized HGS cluster to which you can restore the configuration. If you are simply importing settings that were accidentally deleted into an existing (running) cluster, you can skip this step. If you are recovering from a complete loss of HGS, you will need to install and initialize at least one HGS node following the guidance in the deployment guide.

Specifically, you will need to:

  1. Set up the HGS domain or join HGS to an existing domain
  2. Initialize the HGS server using your existing keys or a set of temporary keys. You can remove the temporary keys after importing your actual keys from the HGS backup files.
  3. Import HGS settings from your backup to restore the trusted host groups, code integrity policies, TPM baselines, and TPM identifiers

The new HGS cluster does not need to use the same certificates, service name, or domain as the HGS instance from which your backup file was exported.

Import settings from a backup

To restore attestation policies, PFX-based certificates, and the public keys of non-PFX certificates to your HGS node from a backup file, run the following command on an initialized HGS server node. You will be prompted to enter the password you specified when creating the backup.

Import-HgsServerState -Path C:\Temp\HGSBackup.xml

If you only want to import admin-trusted attestation policies or TPM-trusted attestation policies, you can do so by specifying the -ImportActiveDirectoryModeState or -ImportTpmModeState flag to Import-HgsServerState.

Ensure the latest cumulative update for Windows Server 2016 is installed before running Import-HgsServerState. Failure to do so may result in an import error.

If you restore policies on an existing HGS node that already has one or more of those policies installed, the import command will show an error for each duplicate policy. This is expected behavior and can be safely ignored in most cases.

Reinstall private keys for certificates

If any of the certificates used on the HGS from which the backup was created were added using thumbprints, only the public key of those certificates will be included in the backup file. This means that you will need to manually install and/or grant access to the private keys for each of those certificates before HGS can service requests from Hyper-V hosts. The actions necessary to complete that step vary depending on how your certificate was originally issued. For software-backed certificates issued by a certificate authority, you will need to contact your CA to get the private key and install it on each HGS node per their instructions. Similarly, if your certificates are hardware-backed, you will need to consult your hardware security module vendor's documentation to install the necessary driver(s) on each HGS node to connect to the HSM and grant each machine access to the private key.

As a reminder, certificates added to HGS using thumbprints require manual replication of the private keys to each node. You will need to repeat this step on each additional node you add to the restored HGS cluster.

Review imported attestation policies

After you have imported your settings from a backup, it is recommended to closely review all the imported policies using Get-HgsAttestationPolicy to make sure only the hosts you trust to run shielded VMs will be able to successfully attest. If you find any policies which no longer match your security posture, you can disable or remove them.

Run diagnostics to check system state

After you have finished setting up and restoring the state of your HGS node, you should run the HGS diagnostics tool to check the state of the system. To do this, run the following command on the HGS node where you restored the configuration:

Get-HgsTrace -RunDiagnostics

If the "Overall Result" is not "Pass", additional steps are required to finish configuring the system. Check the messages reported in the subtest(s) that failed for more information.
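The restore procedure from this section (import, private-key check, policy review, diagnostics) as an added example, not from the original page. The backup path is a placeholder and PolicyEnabled is assumed to be the property name on the Get-HgsAttestationPolicy output.

```powershell
# Added example (not from the original page). Run on an initialized HGS node as an HGS administrator.
$backupFile = 'C:\HgsRestore\HGSBackup.xml'   # placeholder: where the backup was copied to on this node
$password = Read-Host -AsSecureString -Prompt 'Backup password'

# Import without stopping on errors: a node that already holds some of the policies reports one error per
# duplicate, which the section above says is expected. Keep the errors so anything else can be reviewed.
Import-HgsServerState -Path $backupFile -Password $password -ErrorAction SilentlyContinue -ErrorVariable importErrors
foreach ($err in $importErrors) { Write-Warning ("Import reported: " + $err.ToString()) }

# Review what is now on the node: every entry should be a host group, TPM baseline or CI policy you trust.
# PolicyEnabled is an assumed property name.
Get-HgsAttestationPolicy | Select-Object Name, PolicyType, PolicyEnabled | Format-Table -AutoSize

# Certificates registered by thumbprint came back as public keys only; their private keys must be installed
# on this node (and every node added later) before HGS can service requests from Hyper-V hosts.
Get-HgsKeyProtectionCertificate |
    Where-Object { $_.CertificateData.GetType().Name -eq 'CertificateReference' } |
    ForEach-Object { Write-Warning ("Private key still to be installed for certificate " + $_.Thumbprint) }

# Diagnostics: anything other than an "Overall Result" of Pass means configuration is incomplete,
# and the failing subtests carry the detail.
Get-HgsTrace -RunDiagnostics
```

Treat the import errors as a checklist rather than noise: duplicate-policy messages are expected, but an error about a certificate or a missing cumulative update means the node is not yet ready to serve hosts.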

Patching HGS

It is important to keep your Host Guardian Service nodes up to date by installing the latest cumulative update when it comes out. If you are setting up a brand new HGS node, it is highly recommended that you install any available updates before installing or configuring the HGS role. This will ensure any new or changed functionality takes effect immediately.

When patching your guarded fabric, it is strongly recommended that you first upgrade all Hyper-V hosts before upgrading HGS. This is to ensure that any changes to the attestation policies on HGS are made after the Hyper-V hosts have been updated to provide the information needed for them. If an update is going to change the behavior of policies, they will not automatically be enabled, to avoid disrupting your fabric. Such updates require that you follow the guidance in the following section to activate the new or changed attestation policies. We encourage you to read the release notes for Windows Server and any cumulative updates you install to check whether policy updates are required.

Updates requiring policy activation

If an update for HGS introduces or significantly changes the behavior of an attestation policy, an additional step is required to activate the changed policy. Policy changes are only enacted after exporting and importing the HGS state. You should only activate the new or changed policies after you have applied the cumulative update to all hosts and all HGS nodes in your environment. Once every machine has been updated, run the following commands on any HGS node to trigger the upgrade process:

$password = Read-Host -AsSecureString -Prompt "Enter a temporary password"
Export-HgsServerState -Path .\temporaryExport.xml -Password $password
Import-HgsServerState -Path .\temporaryExport.xml -Password $password

If a new policy was introduced, it will be disabled by default. To enable the new policy, first find it in the list of Microsoft policies (prefixed with 'Hgs_') and then enable it using the following command:

Enable-HgsAttestationPolicy -Name <Hgs_NewPolicyName>
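The activation round trip above, as an added example that is not from the original page: it runs the export and import with a throwaway password, removes the temporary file afterwards because it contains the same key material as a full backup, and then lists the Microsoft policies that arrived disabled. PolicyEnabled is an assumed property name, and the final Enable-HgsAttestationPolicy call uses a placeholder policy name.

```powershell
# Added example (not from the original page). Run on any HGS node only after every host and HGS node
# has received the cumulative update, as the section above requires.
$before = Get-HgsAttestationPolicy | Select-Object -ExpandProperty Name

# Export/import with a throwaway password. The export carries PFX certificate material, so it is written
# to a local temp path and removed again whether or not the import succeeds.
$password = Read-Host -AsSecureString -Prompt 'Enter a temporary password'
$tmp = Join-Path $env:TEMP 'hgs-policy-activation.xml'
try {
    Export-HgsServerState -Path $tmp -Password $password
    # Duplicate-policy errors are expected on re-import of a node's own state; do not stop on them.
    Import-HgsServerState -Path $tmp -Password $password -ErrorAction SilentlyContinue
}
finally {
    Remove-Item -Path $tmp -Force -ErrorAction SilentlyContinue
}

# Show what changed: Microsoft policies that did not exist before the round trip, and any Hgs_ policy
# that is currently disabled (new policies arrive disabled by default). PolicyEnabled is assumed.
$after = Get-HgsAttestationPolicy
$after | Where-Object { $_.Name -like 'Hgs_*' -and $_.Name -notin $before } |
    ForEach-Object { Write-Output ("New policy (disabled by default): " + $_.Name) }
$after | Where-Object { $_.Name -like 'Hgs_*' -and -not $_.PolicyEnabled } |
    Select-Object Name, PolicyType, PolicyEnabled | Format-Table -AutoSize

# Enable one of the listed policies once the release notes confirm hosts already meet it:
# Enable-HgsAttestationPolicy -Name 'Hgs_NewPolicyName'   # placeholder name
```

Enabling a new policy before every host can satisfy it blocks those hosts from attesting, so confirm host-side readiness (the release notes and a test host) before removing the comment on the last line.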

Managing attestation policies

HGS maintains several attestation policies which define the minimum set of requirements a host must meet in order to be deemed "healthy" and allowed to run shielded VMs. Some of these policies are defined by Microsoft; others are added by you to define the allowable code integrity policies, TPM baselines, and hosts in your environment. Regular maintenance of these policies is necessary to ensure hosts can continue attesting properly as you update and replace them, and to ensure any untrusted hosts or configurations are blocked from successfully attesting.

For admin-trusted attestation, there is only one policy which determines if a host is healthy: membership in a known, trusted security group. TPM attestation is more complicated and involves various policies that measure the code and configuration of a system before determining whether it is healthy.

A single HGS can be configured with both Active Directory and TPM policies at once, but when a host tries to attest the service will only check the policies for the mode it is currently configured for. To check the mode of your HGS server, run Get-HgsServer.

Default policies

For TPM-trusted attestation, there are several built-in policies configured on HGS. Some of these policies are "locked", meaning that they cannot be disabled for security reasons. The list below explains the purpose of each default policy.

Policy name and purpose:

Hgs_SecureBootEnabled: Requires hosts to have Secure Boot enabled. This is necessary to measure the startup binaries and other UEFI-locked settings.
Hgs_UefiDebugDisabled: Ensures hosts do not have a kernel debugger enabled. User-mode debuggers are blocked with code integrity policies.
Hgs_SecureBootSettings: Negative policy to ensure hosts match at least one (admin-defined) TPM baseline.
Hgs_CiPolicy: Negative policy to ensure hosts are using one of the admin-defined CI policies.
Hgs_HypervisorEnforcedCiPolicy: Requires the code integrity policy to be enforced by the hypervisor. Disabling this policy weakens your protections against kernel-mode code integrity policy attacks.
Hgs_FullBoot: Ensures the host did not resume from sleep or hibernation. Hosts must be properly restarted or shut down to pass this policy.
Hgs_VsmIdkPresent: Requires virtualization-based security to be running on the host. The IDK represents the key necessary to encrypt information sent back to the host's secure memory space.
Hgs_PageFileEncryptionEnabled: Requires pagefiles to be encrypted on the host. Disabling this policy could result in information exposure if an unencrypted pagefile is inspected for tenant secrets.
Hgs_BitLockerEnabled: Requires BitLocker to be enabled on the Hyper-V host. This policy is disabled by default for performance reasons and enabling it is not recommended. This policy has no bearing on the encryption of the shielded VMs themselves.
Hgs_IommuEnabled: Requires that the host have an IOMMU device in use to prevent direct memory access attacks. Disabling this policy and using hosts without an IOMMU enabled can expose tenant VM secrets to direct memory attacks.
Hgs_NoHibernation: Requires hibernation to be disabled on the Hyper-V host. Disabling this policy could allow hosts to save shielded VM memory to an unencrypted hibernation file.
Hgs_NoDumps: Requires memory dumps to be disabled on the Hyper-V host. If you disable this policy, it is recommended that you configure dump encryption to prevent shielded VM memory from being saved to unencrypted crash dump files.
Hgs_DumpEncryption: Requires memory dumps, if enabled on the Hyper-V host, to be encrypted with an encryption key trusted by HGS. This policy does not apply if dumps are not enabled on the host. If this policy and Hgs_NoDumps are both disabled, shielded VM memory could be saved to an unencrypted dump file.
Hgs_DumpEncryptionKey: Negative policy to ensure hosts configured to allow memory dumps are using an admin-defined dump file encryption key known to HGS. This policy does not apply when Hgs_DumpEncryption is disabled.

Authorizing new guarded hosts

To authorize a new host to become a guarded host (that is, to attest successfully), HGS must trust the host and (when configured to use TPM-trusted attestation) the software running on it. The steps to authorize a new host differ based on the attestation mode for which HGS is currently configured. To check the attestation mode for your guarded fabric, run Get-HgsServer on any HGS node.

Software configuration

On the new Hyper-V host, ensure that Windows Server 2016 Datacenter edition is installed. Windows Server 2016 Standard cannot run shielded VMs in a guarded fabric. The host may be installed with Desktop Experience or Server Core.

On both Server with Desktop Experience and Server Core, you need to install the Hyper-V and Host Guardian Hyper-V Support server roles:

Install-WindowsFeature Hyper-V, HostGuardian -IncludeManagementTools -Restart

Admin-trusted attestation

To register a new host in HGS when using admin-trusted attestation, you must first add the host to a security group in the domain to which it's joined. Typically, each domain will have one security group for guarded hosts. If you have already registered that group with HGS, the only action you need to take is to restart the host to refresh its group membership.

You can check which security groups are trusted by HGS by running the following command:


To register a new security group with HGS, first capture the security identifier (SID) of the group in the host's domain and register the SID with HGS.

Add-HgsAttestationHostGroup -Name "Contoso Guarded Hosts" -Identifier "S-1-5-21-3623811015-3361044348-30300820-1013"

Instructions on how to set up the trust between the host domain and HGS are available in the deployment guide.

TPM-trusted attestation

When HGS is configured in TPM mode, hosts must pass all locked policies and "enabled" policies prefixed with "Hgs_", as well as at least one TPM baseline, TPM identifier, and code integrity policy. Each time you add a new host, you will need to register the new TPM identifier with HGS. As long as the host is running the same software (and has the same code integrity policy applied) and the same TPM baseline as another host in your environment, you will not need to add new CI policies or baselines.

Adding the TPM identifier for a new host

On the new host, run the following command to capture the TPM identifier. Be sure to specify a unique name for the host that will help you look it up on HGS. You will need this information if you decommission the host or want to prevent it from running shielded VMs in HGS.

(Get-PlatformIdentifier -Name "Host01").InnerXml | Out-File C:\temp\host01.xml -Encoding UTF8

Copy this file to your HGS server, then run the following command to register the host with HGS.

Add-HgsAttestationTpmHost -Name 'Host01' -Path C:\temp\host01.xml

Adding a new TPM baseline

If the new host is running a new hardware or firmware configuration for your environment, you may need to take a new TPM baseline. To do this, run the following command on the host.

Get-HgsAttestationBaselinePolicy -Path 'C:\temp\hardwareConfig01.tcglog'


If you receive an error saying your host failed validation and will not successfully attest, do not worry. This is a prerequisite check to make sure your host can run shielded VMs, and likely means that you have not yet applied a code integrity policy or other required setting. Read the error message, make any changes it suggests, then try again. Alternatively, you can skip the validation at this time by adding the -SkipValidation flag to the command.

Copy the TPM baseline to your HGS server, then register it with the following command. We encourage you to use a naming convention that helps you understand the hardware and firmware configuration of this class of Hyper-V host.

Add-HgsAttestationTpmPolicy -Name 'HardwareConfig01' -Path 'C:\temp\hardwareConfig01.tcglog'

Adding a new code integrity policy

If you have changed the code integrity policy running on your Hyper-V hosts, you will need to register the new policy with HGS before those hosts can successfully attest. On a reference host, which serves as a master image for the trusted Hyper-V machines in your environment, capture a new CI policy using the New-CIPolicy command. We encourage you to use the FilePublisher level and Hash fallback for Hyper-V host CI policies. You should first create the CI policy in audit mode to ensure that everything is working as expected. After validating a sample workload on the system, you can enforce the policy and copy the enforced version to HGS. For a complete list of code integrity policy configuration options, consult the Device Guard documentation.

# Capture a new CI policy with the FilePublisher primary level and Hash fallback and enable user mode code integrity protections
New-CIPolicy -FilePath 'C:\temp\ws2016-hardware01-ci.xml' -Level FilePublisher -Fallback Hash -UserPEs

# Apply the CI policy to the system
ConvertFrom-CIPolicy -XmlFilePath 'C:\temp\ws2016-hardware01-ci.xml' -BinaryFilePath 'C:\temp\ws2016-hardware01-ci.p7b'
Copy-Item 'C:\temp\ws2016-hardware01-ci.p7b' 'C:\Windows\System32\CodeIntegrity\SIPolicy.p7b'

# Check the event log for any untrusted binaries and update the policy if necessary
# Consult the Device Guard documentation for more details

# Change the policy to be in enforced mode
Set-RuleOption -FilePath 'C:\temp\ws2016-hardware01-ci.xml' -Option 3 -Delete

# Apply the enforced CI policy on the system
ConvertFrom-CIPolicy -XmlFilePath 'C:\temp\ws2016-hardware01-ci.xml' -BinaryFilePath 'C:\temp\ws2016-hardware01-ci.p7b'
Copy-Item 'C:\temp\ws2016-hardware01-ci.p7b' 'C:\Windows\System32\CodeIntegrity\SIPolicy.p7b'

Once you have your policy created, tested and enforced, copy the binary file (.p7b) to your HGS server and register the policy.

Add-HgsAttestationCiPolicy -Name 'WS2016-Hardware01' -Path 'C:\temp\ws2016-hardware01-ci.p7b'
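The TPM identifier step above is repeated for every host you add, so it is worth scripting. The following is an added example, not code from the original page or from Microsoft: it captures the TPM identifier of several new Hyper-V hosts over PowerShell remoting and registers each one with HGS under a unique name, skipping hosts that HGS already knows so the script can be re-run safely. It assumes a management workstation with WinRM access to both the hosts and an HGS node, that the objects returned by Get-HgsAttestationTpmHost expose a Name property, and the host and HGS names shown are constructed placeholders.

```powershell
# Added example (not from the original page): bulk-register TPM identifiers with HGS.
# Assumptions: WinRM reachability to hosts and HGS; Get-HgsAttestationTpmHost objects
# carry a Name property; all names below are constructed placeholders.

$hostNames  = 'host04.contoso.com', 'host05.contoso.com'
$hgsNode    = 'HGS01.bastion.local'
$stagingDir = Join-Path $env:TEMP 'tpm-identifiers'
New-Item -ItemType Directory -Path $stagingDir -Force | Out-Null

$hostCred = Get-Credential -Message 'Admin credential for the new Hyper-V hosts'
$hgsCred  = Get-Credential -Message 'Admin credential for HGS'

# Names HGS already knows, so re-running the script does not create duplicates.
$known = @(Invoke-Command -ComputerName $hgsNode -Credential $hgsCred -ScriptBlock {
    Get-HgsAttestationTpmHost | Select-Object -ExpandProperty Name
})

foreach ($fqdn in $hostNames) {
    # Use the short host name as the HGS-side name so the host can be located later
    # when it is decommissioned or needs to be blocked from running shielded VMs.
    $name = ($fqdn -split '\.')[0]
    if ($known -contains $name) {
        Write-Host "$name is already registered with HGS, skipping"
        continue
    }

    # Step 1: capture the identifier on the host itself; Get-PlatformIdentifier
    # must run where the TPM lives.
    $identifierXml = Invoke-Command -ComputerName $fqdn -Credential $hostCred -ScriptBlock {
        param($n)
        (Get-PlatformIdentifier -Name $n).InnerXml
    } -ArgumentList $name

    # Keep a local copy for audit purposes (which identifier was registered when).
    $localFile = Join-Path $stagingDir "$name.xml"
    $identifierXml | Out-File -FilePath $localFile -Encoding UTF8

    # Step 2: register on HGS. The XML travels inside the remoting session, so no
    # file share between the workstation and the HGS node is required.
    Invoke-Command -ComputerName $hgsNode -Credential $hgsCred -ScriptBlock {
        param($n, $xml)
        $tmp = Join-Path $env:TEMP "$n.xml"
        $xml | Out-File -FilePath $tmp -Encoding UTF8
        try {
            Add-HgsAttestationTpmHost -Name $n -Path $tmp
        } finally {
            Remove-Item -Path $tmp -ErrorAction SilentlyContinue
        }
    } -ArgumentList $name, $identifierXml

    Write-Host "Registered TPM identifier for $name"
}
```

Registration by itself does not make a host guarded: each host still has to pass the TPM baseline and code integrity checks, which is why the attestation check further down should follow this step.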

Adding a memory dump encryption key

When the Hgs_NoDumps policy is disabled and the Hgs_DumpEncryption policy is enabled, guarded hosts are allowed to have memory dumps (including crash dumps) enabled as long as those dumps are encrypted. Guarded hosts will only pass attestation if they either have memory dumps disabled or are encrypting them with a key known to HGS. By default, no dump encryption keys are configured on HGS.

To add a dump encryption key to HGS, use the Add-HgsAttestationDumpPolicy cmdlet to provide HGS with the hash of your dump encryption key. If you capture a TPM baseline on a Hyper-V host configured with dump encryption, the hash is included in the tcglog and can be provided to the Add-HgsAttestationDumpPolicy cmdlet.

Add-HgsAttestationDumpPolicy -Name 'DumpEncryptionKey01' -Path 'C:\temp\TpmBaselineWithDumpEncryptionKey.tcglog'

Alternatively, you can directly provide the string representation of the hash to the cmdlet.

Add-HgsAttestationDumpPolicy -Name 'DumpEncryptionKey02' -PublicKeyHash '<paste your hash here>'

Be sure to add each unique dump encryption key to HGS if you choose to use different keys across your guarded fabric. Hosts that are encrypting memory dumps with a key not known to HGS will not pass attestation.

Consult the Hyper-V documentation for more information about configuring dump encryption on hosts.

Check if the system passed attestation

After registering the necessary information with HGS, you should check if the host passes attestation. On the newly-added Hyper-V host, run Set-HgsClientConfiguration and supply the correct URLs for your HGS cluster. These URLs can be obtained by running Get-HgsServer on any HGS node.

Set-HgsClientConfiguration -KeyProtectionServerUrl 'http://hgs.bastion.local/KeyProtection' -AttestationServerUrl 'http://hgs.bastion.local/Attestation'

If the resulting status does not indicate "IsHostGuarded : True", you will need to troubleshoot the configuration. On the host that failed attestation, run the following command to get a detailed report about issues that may help you resolve the failed attestation.

Get-HgsTrace -RunDiagnostics -Detailed


If you're using Windows Server 2019 or Windows 10, version 1809 and are using code integrity policies, Get-HgsTrace may return a failure for the Code Integrity Policy Active diagnostic. You can safely ignore this result when it is the only failing diagnostic.
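A host that attested once is not necessarily still guarded: a firmware update, a changed CI policy or an expired attestation certificate will all surface as IsHostGuarded becoming false. The following added example, which is not code from the original page or from Microsoft, runs the check described above across a list of hosts and returns the ones that are not guarded together with the attestation status and substatus reported by Get-HgsClientConfiguration, so it can be scheduled rather than run once at enrollment. It assumes that Get-HgsClientConfiguration exposes the IsHostGuarded, Mode, AttestationStatus, AttestationSubstatus and AttestationServerUrl properties, WinRM access to the hosts, and constructed host names.

```powershell
# Added example (not from the original page): report the attestation state of guarded hosts.
# Assumptions: Get-HgsClientConfiguration properties named above; WinRM access; host
# names are constructed placeholders.

function Get-GuardedHostStatus {
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [Parameter(Mandatory)] [pscredential] $Credential
    )
    foreach ($computer in $ComputerName) {
        try {
            # Ask the host's own HGS client what HGS last told it.
            $c = Invoke-Command -ComputerName $computer -Credential $Credential -ErrorAction Stop -ScriptBlock {
                Get-HgsClientConfiguration
            }
            [pscustomobject]@{
                Host              = $computer
                Reachable         = $true
                Mode              = $c.Mode
                Guarded           = [bool]$c.IsHostGuarded
                Status            = $c.AttestationStatus
                Substatus         = $c.AttestationSubstatus
                AttestationServer = $c.AttestationServerUrl
            }
        } catch {
            # An unreachable host is reported, not silently dropped: it is not the
            # same thing as a healthy host.
            [pscustomobject]@{
                Host              = $computer
                Reachable         = $false
                Mode              = $null
                Guarded           = $false
                Status            = "Unreachable: $($_.Exception.Message)"
                Substatus         = $null
                AttestationServer = $null
            }
        }
    }
}

# Returns only the hosts an operator needs to look at.
function Get-UnguardedHost {
    param([Parameter(Mandatory)] $Status)
    @($Status | Where-Object { -not $_.Guarded })
}

$hostNames = 'host01.contoso.com', 'host02.contoso.com', 'host03.contoso.com'
$cred      = Get-Credential -Message 'Admin credential for the Hyper-V hosts'

$status = Get-GuardedHostStatus -ComputerName $hostNames -Credential $cred
$status | Format-Table Host, Reachable, Mode, Guarded, Status, Substatus -AutoSize

$unguarded = Get-UnguardedHost -Status $status
if ($unguarded.Count -gt 0) {
    Write-Warning ("{0} host(s) are not guarded: {1}" -f $unguarded.Count, ($unguarded.Host -join ', '))
    Write-Warning 'On each of them, run Get-HgsTrace -RunDiagnostics -Detailed to see which policy failed.'
}
```

The substatus is the useful field when a host fails: it names the policy area (for example the TPM baseline or CI policy check) that did not pass, which tells you whether to register a new artifact on HGS or fix the host.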

Review attestation policies

To review the current state of the policies configured on HGS, run the following commands on any HGS node:

# List all trusted security groups for admin-trusted attestation

# List all policies configured for TPM-trusted attestation

If you find an enabled policy that no longer meets your security requirements (for example, an old code integrity policy which is now deemed unsafe), you can disable it by replacing the name of the policy in the following command:

Disable-HgsAttestationPolicy -Name 'PolicyName'

Similarly, you can use Enable-HgsAttestationPolicy to re-enable a policy.

If you no longer need a policy and wish to remove it from all HGS nodes, run Remove-HgsAttestationPolicy -Name 'PolicyName' to permanently delete the policy.
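The default policy list earlier on this page says which disabled policies weaken protection of shielded VM memory, and this section says how to list what is configured; the following added example, not code from the original page or from Microsoft, joins the two into a posture check you can run on an HGS node. It lists the trusted host groups, the built-in policies and the admin-defined artifacts, and flags the combinations the policy descriptions call out (IOMMU, hibernation, pagefile and hypervisor-enforced CI disabled; Hgs_NoDumps and Hgs_DumpEncryption both disabled; dump encryption required with no key registered). It assumes the objects returned by Get-HgsAttestationPolicy carry a Name property and a boolean Enabled (or IsEnabled) property, and that Get-HgsAttestationDumpPolicy is available on the node.

```powershell
# Added example (not from the original page): audit the attestation posture of an HGS node.
# Assumption: each policy object exposes Name plus a boolean Enabled or IsEnabled property.

function Get-PolicyEnabledState {
    param([Parameter(Mandatory)] $Policy)
    # Resolve the enabled-state property defensively (property name is an assumption).
    foreach ($candidate in 'Enabled', 'IsEnabled') {
        if ($Policy.PSObject.Properties.Name -contains $candidate) {
            return [bool]$Policy.$candidate
        }
    }
    throw "Cannot determine the enabled state of policy '$($Policy.Name)'"
}

function Test-HgsAttestationPosture {
    # Admin-trusted attestation: every group listed here implicitly trusts all of its members.
    $hostGroups = @(Get-HgsAttestationHostGroup)

    # TPM-trusted attestation: built-in policies keyed by name, value = enabled?
    $policy = @{}
    foreach ($p in Get-HgsAttestationPolicy) {
        $policy[$p.Name] = Get-PolicyEnabledState -Policy $p
    }

    $findings = New-Object System.Collections.Generic.List[string]

    # Policies whose disabled state the default policy list describes as weakening protection.
    $mustBeEnabled = @{
        'Hgs_IommuEnabled'               = 'hosts without an IOMMU expose tenant VM secrets to direct memory attacks'
        'Hgs_NoHibernation'              = 'shielded VM memory could be saved to an unencrypted hibernation file'
        'Hgs_PageFileEncryptionEnabled'  = 'tenant secrets could be read from an unencrypted pagefile'
        'Hgs_HypervisorEnforcedCiPolicy' = 'kernel-mode code integrity policy attacks are no longer blocked'
    }
    foreach ($name in $mustBeEnabled.Keys) {
        if ($policy.ContainsKey($name) -and -not $policy[$name]) {
            $findings.Add("$name is disabled: $($mustBeEnabled[$name])")
        }
    }

    # Dump handling is a pair: only with both disabled are unencrypted dumps allowed.
    if ($policy.ContainsKey('Hgs_NoDumps') -and -not $policy['Hgs_NoDumps']) {
        if (-not $policy['Hgs_DumpEncryption']) {
            $findings.Add('Hgs_NoDumps and Hgs_DumpEncryption are both disabled: unencrypted memory dumps are allowed')
        } elseif (@(Get-HgsAttestationDumpPolicy).Count -eq 0) {
            # Encrypted dumps are required but HGS knows no key, so no dump-enabled host can attest.
            $findings.Add('Hgs_DumpEncryption is enabled but no dump encryption key is registered with HGS')
        }
    }

    # Admin-defined artifacts: in TPM mode a host needs at least one of each to pass.
    $tpmHosts     = @(Get-HgsAttestationTpmHost)
    $tpmBaselines = @(Get-HgsAttestationTpmPolicy)
    $ciPolicies   = @(Get-HgsAttestationCiPolicy)
    if ($tpmBaselines.Count -eq 0) { $findings.Add('No TPM baseline registered: no host can pass TPM-mode attestation') }
    if ($ciPolicies.Count -eq 0)   { $findings.Add('No code integrity policy registered: no host can pass TPM-mode attestation') }

    [pscustomobject]@{
        TrustedHostGroups = $hostGroups.Count
        PoliciesEnabled   = @($policy.Values | Where-Object { $_ }).Count
        PoliciesDisabled  = @($policy.Values | Where-Object { -not $_ }).Count
        TpmHosts          = $tpmHosts.Count
        TpmBaselines      = $tpmBaselines.Count
        CiPolicies        = $ciPolicies.Count
        Findings          = $findings.ToArray()
    }
}

$report = Test-HgsAttestationPosture
$report | Format-List
if ($report.Findings.Count -gt 0) {
    Write-Warning 'Review the findings above; a policy is re-enabled with Enable-HgsAttestationPolicy -Name <PolicyName>.'
}
```

A non-zero TrustedHostGroups count on a cluster that has already moved to TPM mode is itself worth a look, for the reason given in the attestation mode section below: groups left behind make switching back to Active Directory mode a one-line change.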

Changing attestation modes

If you started your guarded fabric using admin-trusted attestation, you will likely want to upgrade to the much stronger TPM attestation mode as soon as you have enough TPM 2.0-compatible hosts in your environment. When you're ready to switch, you can pre-load all of the attestation artifacts (CI policies, TPM baselines and TPM identifiers) in HGS while continuing to run HGS with admin-trusted attestation. To do this, simply follow the instructions in the Authorizing new guarded hosts section.

Once you've added all of your policies to HGS, the next step is to run a synthetic attestation attempt on your hosts to see if they would pass attestation in TPM mode. This does not affect the current operational state of HGS. The commands below must be run on a machine that has access to all of the hosts in the environment and at least one HGS node. If your firewall or other security policies prevent this, you can skip this step. When possible, we recommend running the synthetic attestation to give you a good indication of whether "flipping" to TPM mode will cause downtime for your VMs.

# Get information for each host in your environment
$hostNames = 'host01.contoso.com', 'host02.contoso.com', 'host03.contoso.com'
$credential = Get-Credential -Message 'Enter a credential with admin privileges on each host'
$targets = @()
$hostNames | ForEach-Object { $targets += New-HgsTraceTarget -Credential $credential -Role GuardedHost -HostName $_ }

$hgsCredential = Get-Credential -Message 'Enter an admin credential for HGS'
$targets += New-HgsTraceTarget -Credential $hgsCredential -Role HostGuardianService -HostName 'HGS01.bastion.local'

# Initiate the synthetic attestation attempt
Get-HgsTrace -RunDiagnostics -Target $targets -Diagnostic GuardedFabricTpmMode

After the diagnostics complete, review the output to determine if any hosts would have failed attestation in TPM mode. Re-run the diagnostics until you get a "pass" from each host, then proceed to change HGS to TPM mode.

Changing to TPM mode takes just a second to complete. Run the following command on any HGS node to update the attestation mode.

Set-HgsServer -TrustTpm

If you run into problems and need to switch back to Active Directory mode, you can do so by running Set-HgsServer -TrustActiveDirectory.

Once you have confirmed everything is working as expected, you should remove all trusted Active Directory host groups from HGS and remove the trust between the HGS and fabric domains. If you leave the Active Directory trust in place, you risk someone re-enabling the trust and switching HGS to Active Directory mode, which could allow untrusted code to run unchecked on your guarded hosts.

Key management

The guarded fabric solution uses several public/private key pairs to validate the integrity of various components in the solution and encrypt tenant secrets. The Host Guardian Service is configured with at least two certificates (with public and private keys), which are used for signing and encrypting the keys used to start up shielded VMs. Those keys must be carefully managed. If the private keys are acquired by an adversary, they will be able to unshield any VMs running on your fabric or set up an imposter HGS cluster that uses weaker attestation policies to bypass the protections you put in place. Should you lose the private keys during a disaster and not find them in a backup, you will need to set up a new pair of keys and have each VM re-keyed to authorize your new certificates.

This section covers general key management topics to help you configure your keys so they are functional and secure.

Adding new keys

While HGS must be initialized with one set of keys, you can add more than one encryption and signing key to HGS. The two most common reasons why you would add new keys to HGS are:

  1. To support "bring your own key" scenarios where tenants copy their private keys to your hardware security module and only authorize their keys to start up their shielded VMs.
  2. To replace the existing keys for HGS by first adding the new keys and keeping both sets of keys until each VM configuration has been updated to use the new keys.

The process to add your new keys differs based on the type of certificate you are using.

Option 1: Adding a certificate stored in an HSM

Our recommended approach for securing HGS keys is to use certificates created in a hardware security module (HSM). HSMs ensure that use of your keys is tied to physical access to a security-sensitive device in your datacenter. Each HSM is different and has a unique process to create certificates and register them with HGS. The steps below are intended to provide rough guidance for using HSM-backed certificates. Consult your HSM vendor's documentation for exact steps and capabilities.

  1. Install the HSM software on each HGS node in your cluster. Depending on whether you have a network or local HSM device, you may need to configure the HSM to grant your machine access to its key store.

  2. Create two certificates in the HSM with 2048-bit RSA keys, one for encryption and one for signing:

    1. Create an encryption certificate with the Data Encipherment key usage property in your HSM
    2. Create a signing certificate with the Digital Signature key usage property in your HSM
  3. Install the certificates in each HGS node's local certificate store per your HSM vendor's guidance.

  4. If your HSM uses granular permissions to grant specific applications or users permission to use the private key, you will need to grant your HGS group managed service account access to the certificate. You can find the name of the HGS gMSA account by running (Get-IISAppPool -Name KeyProtection).ProcessModel.UserName

  5. Add the signing and encryption certificates to HGS by replacing the thumbprints with those of your certificates in the following commands:

    Add-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint "AABBCCDDEEFF00112233445566778899"
    Add-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint "99887766554433221100FFEEDDCCBBAA"

Option 2: Adding non-exportable software certificates

If you have a software-backed certificate issued by your company's or a public certificate authority that has a non-exportable private key, you will need to add your certificate to HGS using its thumbprint.

  1. Install the certificate on your machine according to your certificate authority's instructions.

  2. Grant the HGS group managed service account read access to the private key of the certificate. You can find the name of the HGS gMSA account by running (Get-IISAppPool -Name KeyProtection).ProcessModel.UserName

  3. Register the certificate with HGS using the following command, substituting in your certificate's thumbprint (change Encryption to Signing for signing certificates):

    Add-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint "AABBCCDDEEFF00112233445566778899"


You will need to manually install the private key and grant read access to the gMSA account on each HGS node. HGS cannot automatically replicate private keys for any certificate registered by its thumbprint.

Option 3: Adding certificates stored in PFX files

If you have a software-backed certificate with an exportable private key that can be stored in the PFX file format and secured with a password, HGS can automatically manage your certificates for you. Certificates added with PFX files are automatically replicated to every node of your HGS cluster, and HGS secures access to the private keys. To add a new certificate using a PFX file, run the following commands on any HGS node (change Encryption to Signing for signing certificates):

$certPassword = Read-Host -AsSecureString -Prompt "Provide the PFX file password"
Add-HgsKeyProtectionCertificate -CertificateType Encryption -CertificatePath "C:\temp\encryptionCert.pfx" -CertificatePassword $certPassword

Identifying and changing the primary certificates

While HGS can support multiple signing and encryption certificates, it uses one pair as its "primary" certificates. These are the certificates that will be used if someone downloads the guardian metadata for that HGS cluster. To check which certificates are currently marked as your primary certificates, run the following command:

Get-HgsKeyProtectionCertificate -IsPrimary $true

To set a new primary encryption or signing certificate, find the thumbprint of the desired certificate and mark it as primary using the following commands:

Set-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint "AABBCCDDEEFF00112233445566778899" -IsPrimary
Set-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint "99887766554433221100FFEEDDCCBBAA" -IsPrimary

Renewing or replacing keys

When you create the certificates used by HGS, the certificates will be assigned an expiration date according to your certificate authority's policy and your request information. Normally, in scenarios where the validity of the certificate is important, such as securing HTTP communications, certificates must be renewed before they expire to avoid a service disruption or worrisome error message. HGS does not use certificates in that sense. HGS is simply using certificates as a convenient way to create and store an asymmetric key pair. An expired encryption or signing certificate on HGS does not indicate a weakness or loss of protection for shielded VMs. Further, certificate revocation checks are not performed by HGS. If an HGS certificate or the issuing authority's certificate is revoked, it will not impact HGS' use of the certificate.

The only time you need to worry about an HGS certificate is if you have reason to believe that its private key has been stolen. In that case, the integrity of your shielded VMs is at risk because possession of the private half of the HGS encryption and signing key pair is enough to remove the shielding protections on a VM or stand up a fake HGS server that has weaker attestation policies.

If you find yourself in that situation, or are required by compliance standards to refresh certificate keys regularly, the following steps outline the process to change the keys on an HGS server. Please note that the following guidance represents a significant undertaking that will result in a disruption of service to each VM served by the HGS cluster. Proper planning for changing HGS keys is required to minimize service disruption and ensure the security of tenant VMs.

On an HGS node, perform the following steps to register a new pair of encryption and signing certificates. See the section on adding new keys for detailed information on the various ways to add new keys to HGS.

  1. Create a new pair of encryption and signing certificates for your HGS server. Ideally, these will be created in a hardware security module.

  2. Register the new encryption and signing certificates with Add-HgsKeyProtectionCertificate:

    Add-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint <Thumbprint>
    Add-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint <Thumbprint>
  3. If you used thumbprints, you'll need to go to each node in the cluster to install the private key and grant the HGS gMSA access to the key.

  4. Make the new certificates the default certificates in HGS:

    Set-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint <Thumbprint> -IsPrimary
    Set-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint <Thumbprint> -IsPrimary

At this point, shielding data created with metadata obtained from the HGS node will use the new certificates, but existing VMs will continue to work because the older certificates are still there.

In order to ensure all existing VMs will work with the new keys, you will need to update the key protector on each VM.

This is an action that requires the VM owner (the person or entity in possession of the "owner" guardian) to be involved. For each shielded VM, perform the following steps:

  1. Shut down the VM. The VM cannot be turned back on until the remaining steps are complete, or else you will need to start the process over again.

  2. Save the current key protector to a file: Get-VMKeyProtector -VMName 'VM001' | Out-File '.\VM001.kp'

  3. Transfer the KP to the VM owner

  4. Have the owner download the updated guardian info from HGS and import it on their local system

  5. Read the current KP into memory, grant the new guardian access to the KP, and save it to a new file by running the following commands:

    $kpraw = Get-Content -Path .\VM001.kp
    $kp = ConvertTo-HgsKeyProtector -Bytes $kpraw
    $newGuardian = Get-HgsGuardian -Name 'UpdatedHgsGuardian'
    $updatedKP = Grant-HgsKeyProtectorAccess -KeyProtector $kp -Guardian $newGuardian
    $updatedKP.RawData | Out-File .\updatedVM001.kp
  6. Copy the updated KP back to the hosting fabric.

  7. Apply the KP to the original VM:

    $updatedKP = Get-Content -Path .\updatedVM001.kp
    Set-VMKeyProtector -VMName VM001 -KeyProtector $updatedKP
  8. Finally, start the VM and ensure it runs successfully.


    If the VM owner sets an incorrect key protector on the VM and does not authorize your fabric to run the VM, you will be unable to start up the shielded VM. To return to the last known good key protector, run Set-VMKeyProtector -RestoreLastKnownGoodKeyProtector

    Once all VMs have been updated to authorize the new guardian keys, you can disable and remove the old keys.

  9. 从获取旧证书的指纹 Get-HgsKeyProtectionCertificate -IsPrimary $falseGet the thumbprints of the old certificates from Get-HgsKeyProtectionCertificate -IsPrimary $false

  10. 通过运行以下命令来禁用每个证书:Disable each certificate by running the following commands:

    Set-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint <Thumbprint> -IsEnabled $false
    Set-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint <Thumbprint> -IsEnabled $false

  11. After ensuring VMs are still able to start with the certificates disabled, remove the certificates from HGS by running the following commands:

    Remove-HgsKeyProtectionCertificate -CertificateType Signing -Thumbprint <Thumbprint>
    Remove-HgsKeyProtectionCertificate -CertificateType Encryption -Thumbprint <Thumbprint>
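The rotation in steps 1 through 11 above, written as reusable PowerShell functions so the fabric-side, owner-side and HGS-side parts can be read together. This is an added example, not code from the original page or from the HGS product. The VM name, the file paths and the guardian name 'UpdatedHgsGuardian' are assumed values, and the property names CertificateType, Thumbprint and IsEnabled on the objects returned by Get-HgsKeyProtectionCertificate are assumptions.

```powershell
# Added example (not from the original page): key-protector rotation for shielded VMs.
# Export-ShieldedVmKeyProtector and Update-ShieldedVmKeyProtector run on the Hyper-V host,
# Grant-GuardianToKeyProtector runs on the VM owner's machine after the updated guardian
# was imported there, and Disable-OldHgsCertificate runs on an HGS node.

# Steps 1-2 (fabric side): power off each VM and save its current KP to a file.
function Export-ShieldedVmKeyProtector {
    param([Parameter(Mandatory)][string[]]$VMName,
          [Parameter(Mandatory)][string]$OutputDirectory)
    foreach ($name in $VMName) {
        if ((Get-VM -Name $name).State -ne 'Off') {
            Stop-VM -Name $name -Force    # step 1: the VM stays off until the updated KP is applied
        }
        $kpFile = Join-Path $OutputDirectory "$name.kp"
        Get-VMKeyProtector -VMName $name | Out-File -FilePath $kpFile    # step 2
        Write-Output $kpFile
    }
}

# Steps 4-5 (owner side): authorize the new guardian on a saved KP and write the result.
function Grant-GuardianToKeyProtector {
    param([Parameter(Mandatory)][string]$KeyProtectorFile,
          [Parameter(Mandatory)][string]$GuardianName,     # assumed: 'UpdatedHgsGuardian'
          [Parameter(Mandatory)][string]$OutputFile)
    $kp = ConvertTo-HgsKeyProtector -Bytes (Get-Content -Path $KeyProtectorFile)
    $guardian = Get-HgsGuardian -Name $GuardianName
    if (-not $guardian) {
        throw "Guardian '$GuardianName' not found; import the updated guardian info first (step 4)"
    }
    $updated = Grant-HgsKeyProtectorAccess -KeyProtector $kp -Guardian $guardian
    $updated.RawData | Out-File -FilePath $OutputFile
}

# Steps 7-8 (fabric side): apply the updated KP and confirm the VM boots. If it does not,
# roll back to the last known good KP, as the note after step 8 describes.
function Update-ShieldedVmKeyProtector {
    param([Parameter(Mandatory)][string]$VMName,
          [Parameter(Mandatory)][string]$UpdatedKeyProtectorFile)
    Set-VMKeyProtector -VMName $VMName -KeyProtector (Get-Content -Path $UpdatedKeyProtectorFile)
    try {
        Start-VM -Name $VMName -ErrorAction Stop
    }
    catch {
        Write-Warning "VM '$VMName' failed to start with the updated KP; restoring the last known good KP. $_"
        Set-VMKeyProtector -VMName $VMName -RestoreLastKnownGoodKeyProtector
        throw
    }
}

# Steps 9-11 (HGS side): disable every non-primary certificate. Removal happens only when
# -Remove is passed, i.e. after VMs have been verified to start with the certificates disabled,
# and only for certificates that are already disabled.
function Disable-OldHgsCertificate {
    param([switch]$Remove)
    $old = Get-HgsKeyProtectionCertificate -IsPrimary $false    # step 9
    foreach ($cert in $old) {
        if ($Remove) {
            if ($cert.IsEnabled) { continue }    # never remove a certificate that is still enabled
            Remove-HgsKeyProtectionCertificate -CertificateType $cert.CertificateType -Thumbprint $cert.Thumbprint    # step 11
        } else {
            Set-HgsKeyProtectionCertificate -CertificateType $cert.CertificateType -Thumbprint $cert.Thumbprint -IsEnabled $false    # step 10
        }
    }
}

# Flow for one VM (assumed names and paths):
#   fabric : Export-ShieldedVmKeyProtector -VMName 'VM001' -OutputDirectory '.\kp-out'
#   owner  : Grant-GuardianToKeyProtector -KeyProtectorFile '.\VM001.kp' -GuardianName 'UpdatedHgsGuardian' -OutputFile '.\updatedVM001.kp'
#   fabric : Update-ShieldedVmKeyProtector -VMName 'VM001' -UpdatedKeyProtectorFile '.\updatedVM001.kp'
#   HGS    : Disable-OldHgsCertificate            (after every VM is updated)
#   HGS    : Disable-OldHgsCertificate -Remove    (after VMs were verified to start with the old certificates disabled)
```

The two-phase HGS cleanup is deliberate: a certificate that is disabled can be re-enabled if a VM turns out to still depend on it, whereas a removed certificate cannot, so the function refuses to remove anything that has not first been disabled.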


VM backups will contain old key protector information that allows the old certificates to be used to start up the VM. If you are aware that your private key has been compromised, you should assume that the VM backups can be compromised, too, and take appropriate action. Destroying the VM configuration from the backups (.vmcx) will remove the key protectors, at the cost of needing to use the BitLocker recovery password to boot the VM the next time.

Key replication between nodes

Every node in the HGS cluster must be configured with the same encryption, signing, and (when configured) SSL certificates. This is necessary to ensure that Hyper-V hosts reaching out to any node in the cluster can have their requests serviced successfully.

If you initialized the HGS server with PFX-based certificates, HGS will automatically replicate both the public and private key of those certificates across every node in the cluster. You only need to add the keys on one node.

If you initialized the HGS server with certificate references or thumbprints, HGS will only replicate the public key of the certificate to each node. Additionally, HGS cannot grant itself access to the private key on any node in this scenario. Therefore, it is your responsibility to:

  1. Install the private key on each HGS node
  2. Grant the HGS group managed service account (gMSA) access to the private key on each node

These tasks add extra operational burden; however, they are required for HSM-backed keys and certificates with non-exportable private keys.
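One way to carry out both tasks on a node, as an added example that is not code from the original page or from HGS: check that the certificate referenced by thumbprint has its private key installed on this node, then grant the HGS gMSA read access to the key file. The gMSA name, the thumbprint, and the key-store locations under $env:ProgramData are assumptions; an HSM-backed key has no file on disk, so for it the grant must be done with the HSM vendor's tooling instead.

```powershell
# Added example (not from the original page). Run once on every HGS node, for each
# signing and encryption certificate that was supplied to HGS by thumbprint.
param(
    [Parameter(Mandatory)][string]$Thumbprint,
    [Parameter(Mandatory)][string]$GmsaName    # placeholder, e.g. 'CONTOSO\HgsSvc$'
)

# Resolve the on-disk file that holds the certificate's private key. The two store paths
# below are the usual locations for machine keys and are an assumption of this example.
function Get-PrivateKeyFilePath {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert)
    if ($rsa -is [System.Security.Cryptography.RSACng]) {
        # CNG machine keys
        return Join-Path $env:ProgramData ('Microsoft\Crypto\Keys\' + $rsa.Key.UniqueName)
    }
    if ($rsa -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
        # legacy CSP machine keys
        return Join-Path $env:ProgramData ('Microsoft\Crypto\RSA\MachineKeys\' + $rsa.CspKeyContainerInfo.UniqueKeyContainerName)
    }
    throw "Unsupported private key type $($rsa.GetType().Name)"
}

# Task 1 check: the certificate and its private key must already be on this node.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop
if (-not $cert.HasPrivateKey) {
    throw "Certificate $Thumbprint has no private key on $env:COMPUTERNAME; install it first"
}
$keyPath = Get-PrivateKeyFilePath -Cert $cert
if (-not (Test-Path -Path $keyPath)) {
    throw "Key file $keyPath not found; HSM-backed keys must be authorized through the HSM's own tooling"
}

# Task 2: grant the gMSA read access to the key file (least privilege: Read only, no Modify).
$acl  = Get-Acl -Path $keyPath
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($GmsaName, 'Read', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $keyPath -AclObject $acl

# Verify the grant is actually in place before moving on to the next node.
$granted = (Get-Acl -Path $keyPath).Access | Where-Object {
    $_.IdentityReference.Value -eq $GmsaName -and
    ($_.FileSystemRights -band [System.Security.AccessControl.FileSystemRights]::Read)
}
if (-not $granted) { throw "Failed to grant $GmsaName read access to $keyPath" }
Write-Output "$GmsaName can read the private key of $Thumbprint on $env:COMPUTERNAME"
```

Granting only Read keeps the gMSA from being able to replace or delete the key material; it needs no more than that to sign and decrypt.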

SSL certificates are never replicated in any form. It is your responsibility to initialize each HGS server with the same SSL certificate and to update each server whenever you choose to renew or replace the SSL certificate. When replacing the SSL certificate, it is recommended that you do so using the Set-HgsServer cmdlet.

Unconfiguring HGS

If you need to decommission or significantly reconfigure an HGS server, you can do so using the Clear-HgsServer or Uninstall-HgsServer cmdlets.

Clearing the HGS configuration

To remove a node from the HGS cluster, use the Clear-HgsServer cmdlet. This cmdlet will make the following changes on the server where it is run:

  • Unregisters the attestation and key protection services
  • Removes the "microsoft.windows.hgs" JEA management endpoint
  • Removes the local computer from the HGS failover cluster

If the server is the last HGS node in the cluster, the cluster and its corresponding Distributed Network Name resource will also be destroyed.

# Removes the local computer from the HGS cluster
Clear-HgsServer

After the clear operation completes, the HGS server can be re-initialized with Initialize-HgsServer. If you used Install-HgsServer to set up an Active Directory Domain Services domain, that domain will remain configured and operational after the clear operation.

Uninstalling HGS

If you wish to remove a node from the HGS cluster and demote the Active Directory Domain Controller running on it, use the Uninstall-HgsServer cmdlet. This cmdlet will make the following changes on the server where it is run:

  • Unregisters the attestation and key protection services
  • Removes the "microsoft.windows.hgs" JEA management endpoint
  • Removes the local computer from the HGS failover cluster
  • Demotes the Active Directory Domain Controller, if configured

If the server is the last HGS node in the cluster, the domain, the failover cluster, and the cluster's Distributed Network Name resource will also be destroyed.

# Removes the local computer from the HGS cluster and demotes the ADDC (restart required)
$newLocalAdminPassword = Read-Host -AsSecureString -Prompt "Enter a new password for the local administrator account"
Uninstall-HgsServer -LocalAdministratorPassword $newLocalAdminPassword -Restart

After the uninstall operation is complete and the computer has been restarted, you can reinstall ADDC and HGS using Install-HgsServer, or join the computer to a domain and initialize the HGS server in that domain with Initialize-HgsServer.

If you no longer intend to use the computer as an HGS node, you can remove the role from Windows.

Uninstall-WindowsFeature HostGuardianServiceRole