Guarded Fabric and Shielded VM Planning Guide for Hosters

Applies to: Windows Server 2019, Windows Server (Semi-Annual Channel), Windows Server 2016

This topic covers the planning decisions that need to be made to enable shielded virtual machines to run on your fabric. Whether you upgrade an existing Hyper-V fabric or create a new fabric, running shielded VMs consists of two main components:

  • The Host Guardian Service (HGS) provides attestation and key protection so that you can make sure that shielded VMs will run only on approved and healthy Hyper-V hosts.
  • Approved and healthy Hyper-V hosts on which shielded VMs (and regular VMs) can run — these are known as guarded hosts.

Figure: HGS and guarded hosts

Decision #1: Trust level in the fabric

How you implement the Host Guardian Service and guarded Hyper-V hosts will depend mainly on the strength of trust that you want to achieve in your fabric. The strength of trust is governed by the attestation mode. There are two mutually exclusive options:

  1. TPM-trusted attestation

    If your goal is to help protect virtual machines from malicious admins or a compromised fabric, use TPM-trusted attestation. This option works well for multi-tenant hosting scenarios as well as for high-value assets in enterprise environments, such as domain controllers or content servers like SQL or SharePoint. Hypervisor-protected code integrity (HVCI) policies are measured, and their validity is enforced by HGS, before the host is permitted to run shielded VMs.

  2. Host key attestation

    If your requirements are primarily driven by compliance that requires virtual machines to be encrypted both at rest and in flight, use host key attestation. This option works well for general-purpose datacenters where you are comfortable with Hyper-V host and fabric administrators having access to the guest operating systems of virtual machines for day-to-day maintenance and operations.

    In this mode, the fabric admin is solely responsible for ensuring the health of the Hyper-V hosts. Since HGS plays no part in deciding what is or is not allowed to run on the host, malware and debuggers will function as designed.

    However, debuggers that attempt to attach directly to a process (such as WinDbg.exe) are blocked for shielded VMs because the VM's worker process (VMWP.exe) is a protected process light (PPL). Alternative debugging techniques, such as those used by LiveKd.exe, are not blocked. Unlike shielded VMs, the worker process for encryption-supported VMs does not run as a PPL, so traditional debuggers like WinDbg.exe continue to function normally.

    A similar attestation mode named Admin-trusted attestation (Active Directory-based) is deprecated beginning with Windows Server 2019.

The trust level you choose dictates the hardware requirements for your Hyper-V hosts as well as the policies that you apply on the fabric. If necessary, you can deploy your guarded fabric using existing hardware and admin-trusted attestation and then convert it to TPM-trusted attestation when the hardware has been upgraded and you need to strengthen fabric security.
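The following PowerShell is an added example (not part of this planning guide and not Microsoft's published script) showing how the Decision #1 choice is applied on a freshly installed HGS node: the same initialization cmdlet takes either -TrustTpm or -TrustHostKey, and the artifacts you must register for each host differ by mode. The service name, certificate files, host names and input paths are placeholders; the HGS role is assumed to be installed already with Install-HgsServer.

```powershell
# Added example, not from the planning guide: apply the attestation mode chosen in
# Decision #1 on a new HGS node and register one guarded host for that mode.
# Assumptions: Install-HgsServer has already been run; the 'hgs' service name, the
# PFX files, the host name and the C:\HgsInput paths are placeholders.

param(
    [ValidateSet('Tpm', 'HostKey')]
    [string]$TrustLevel = 'Tpm'
)

$certPassword = Read-Host -AsSecureString 'PFX password'
$common = @{
    HgsServiceName                = 'hgs'                        # placeholder DNS label
    SigningCertificatePath        = 'C:\HgsCerts\signing.pfx'    # placeholder
    SigningCertificatePassword    = $certPassword
    EncryptionCertificatePath     = 'C:\HgsCerts\encryption.pfx' # placeholder
    EncryptionCertificatePassword = $certPassword
}

switch ($TrustLevel) {
    'Tpm' {
        # Strongest trust: each host must present its TPM identity, a TPM baseline
        # and a code-integrity (HVCI) policy that HGS has been told to accept.
        Initialize-HgsServer @common -TrustTpm
        # host01.xml is the TPM identifier exported on the host with Get-PlatformIdentifier;
        # the baseline log and CI policy come from a reference host of the same hardware SKU.
        Add-HgsAttestationTpmHost   -Name 'host01'     -Path 'C:\HgsInput\host01.xml'
        Add-HgsAttestationTpmPolicy -Name 'HW-SKU1'    -Path 'C:\HgsInput\HW-SKU1.tcglog'
        Add-HgsAttestationCIPolicy  -Name 'HW-SKU1-CI' -Path 'C:\HgsInput\HW-SKU1.p7b'
    }
    'HostKey' {
        # Compliance-driven trust: the host only proves possession of a key pair.
        # HGS does not measure host health in this mode (see the text above).
        Initialize-HgsServer @common -TrustHostKey
        # host01.cer is the public key exported on the host with Get-HgsClientHostKey.
        Add-HgsAttestationHostKey -Name 'host01' -Path 'C:\HgsInput\host01.cer'
    }
}

# Confirm the mode HGS will actually enforce before pointing any hosts at it.
$server = Get-HgsServer
"Attestation mode: $($server.AttestationOperationMode)"
"Attestation URL:  $($server.AttestationUrl)"
"Key protection:   $($server.KeyProtectionUrl)"
```

Checking AttestationOperationMode after initialization is the quickest way to catch a node that was set up in the wrong mode; a host key node will happily attest hosts that would fail TPM-trusted attestation, so the mode is part of what an HGS admin should verify before the fabric admins are given the URLs.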

Decision #2: Existing Hyper-V fabric versus a new separate Hyper-V fabric

If you have an existing fabric (Hyper-V or otherwise), it is very likely that you can use it to run shielded VMs along with regular VMs. Some customers choose to integrate shielded VMs into their existing tools and fabrics, while others separate the fabric for business reasons.

HGS admin planning for the Host Guardian Service

Deploy the Host Guardian Service (HGS) in a highly secure environment, whether that is on a dedicated physical server, a shielded VM, a VM on an isolated Hyper-V host (separated from the fabric it is protecting), or one logically separated by using a different Azure subscription.

Area / Details

Installation requirements:
  • One server (three-node cluster recommended for high availability)
  • For fallback, at least two HGS servers are required
  • Servers can be either virtual or physical (physical server with TPM 2.0 recommended; TPM 1.2 also supported)
  • Server Core installation of Windows Server 2016 or later
  • Network line of sight to the fabric allowing HTTP or fallback configuration
  • HTTPS certificate recommended for access validation

Sizing: Each mid-size (8 core/4 GB) HGS server node can handle 1,000 Hyper-V hosts.

Management: Designate specific people who will manage HGS. They should be separate from fabric administrators. For comparison, HGS clusters can be thought of in the same manner as a Certificate Authority (CA) in terms of administrative isolation, physical deployment and overall level of security sensitivity.

Host Guardian Service Active Directory: By default, HGS installs its own internal Active Directory for management. This is a self-contained, self-managed forest and is the recommended configuration to help isolate HGS from your fabric.

If you already have a highly privileged Active Directory forest that you use for isolation, you can use that forest instead of the HGS default forest. It is important that HGS is not joined to a domain in the same forest as the Hyper-V hosts or your fabric management tools. Doing so could allow a fabric admin to gain control over HGS.

Disaster recovery: There are three options:
  1. Install a separate HGS cluster in each datacenter and authorize shielded VMs to run in both the primary and the backup datacenters. This avoids the need to stretch the cluster across a WAN and allows you to isolate virtual machines such that they run only in their designated site.
  2. Install HGS on a stretch cluster between two (or more) datacenters. This provides resiliency if the WAN goes down, but pushes the limits of failover clustering. You cannot isolate workloads to one site; a VM authorized to run in one site can run on any other.
  3. Register your Hyper-V host with another HGS as failover.
You should also back up every HGS by exporting its configuration so that you can always recover locally. For more information, see Export-HgsServerState and Import-HgsServerState.

Host Guardian Service keys: A Host Guardian Service uses two asymmetric key pairs — an encryption key and a signing key — each represented by an SSL certificate. There are two options to generate these keys:
  1. Internal certificate authority: you can generate these keys using your internal PKI infrastructure. This is suitable for a datacenter environment.
  2. Publicly trusted certificate authority: use a set of keys obtained from a publicly trusted certificate authority. This is the option that hosters should use.
Note that while it is possible to use self-signed certificates, this is not recommended for deployment scenarios other than proof-of-concept labs.

In addition to having HGS keys, a hoster can use "bring your own key," where tenants provide their own keys so that some (or all) tenants can have their own specific HGS key. This option is suitable for hosters that can provide an out-of-band process for tenants to upload their keys.

Host Guardian Service key storage: For the strongest possible security, we recommend that HGS keys are created and stored exclusively in a Hardware Security Module (HSM). If you are not using HSMs, applying BitLocker on the HGS servers is strongly recommended.
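The disaster recovery row above says every HGS should be backed up by exporting its configuration. The PowerShell below is an added example (not from this guide and not Microsoft's own script) that wraps Export-HgsServerState in a date-stamped, password-protected backup with a post-export check, and shows the matching Import-HgsServerState restore. The backup share path is a placeholder; the functions are assumed to run on an HGS node under an HGS administrator account.

```powershell
# Added example, not from the planning guide: back up the HGS configuration for local
# recovery and restore it on a rebuilt node.
# Assumptions: run on an HGS node as an HGS administrator; the UNC path below is a
# placeholder and should be a location that fabric administrators cannot write to.

function Backup-HgsState {
    param(
        [string]$BackupRoot = '\\hgs-backup\state$',          # placeholder UNC path
        [Parameter(Mandatory)][SecureString]$Password
    )
    $stamp = Get-Date -Format 'yyyyMMdd-HHmm'
    $file  = Join-Path $BackupRoot "hgs-state-$stamp.xml"
    # The export is encrypted with the supplied password; keys held in an HSM are not
    # part of this file and must be recovered through the HSM's own procedures.
    Export-HgsServerState -Path $file -Password $Password
    if (-not (Test-Path $file)) { throw "Export did not produce $file" }
    Get-Item $file
}

function Restore-HgsState {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][SecureString]$Password
    )
    # Run on a node that has already been set up with Install-HgsServer and
    # Initialize-HgsServer; the import brings back the saved attestation policies and
    # key protection configuration so hosts and VMs keep working against the new node.
    Import-HgsServerState -Path $Path -Password $Password
    Get-HgsServer   # verify the attestation mode and URLs match the old cluster
}

$pw     = Read-Host -AsSecureString 'Backup password'
$backup = Backup-HgsState -Password $pw
"Saved $($backup.FullName) ($($backup.Length) bytes)"
```

Because the export contains the material HGS uses to release VM keys, treat the backup file with the same sensitivity as the HGS servers themselves: separate storage from the fabric, a password that fabric admins do not hold, and a periodic restore test into an isolated node so that the recovery path is known to work before it is needed.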

Fabric admin planning for guarded hosts

Area / Details

Hardware:

OS: We recommend using the Server Core option for the Hyper-V host OS.

Performance implications: Based on performance testing, we anticipate a roughly 5% density difference between running shielded VMs and non-shielded VMs. This means that if a given Hyper-V host can run 20 non-shielded VMs, we expect that it can run 19 shielded VMs.

Make sure to verify sizing with your typical workloads. For example, there might be some outliers with intensive write-oriented IO workloads that will further affect the density difference.

Branch office considerations: Beginning with Windows Server version 1709, you can specify a fallback URL for a virtualized HGS server running locally as a shielded VM in the branch office. The fallback URL can be used when the branch office loses connectivity to HGS servers in the datacenter. On previous versions of Windows Server, a Hyper-V host running in a branch office needs connectivity to the Host Guardian Service to power on or to live migrate shielded VMs. For more information, see Branch office considerations.
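To show what the branch office fallback looks like on the guarded host, here is an added PowerShell example (not from this guide and not Microsoft's own script) that registers the datacenter HGS as primary and the local shielded-VM HGS as fallback, then reports whether the host is currently attested and which HGS it is using. The URLs are placeholders; the host is assumed to run Windows Server version 1709 or later, and IsFallbackInUse is assumed to be the property name Get-HgsClientConfiguration prints on those versions.

```powershell
# Added example, not from the planning guide: configure a branch-office guarded host
# with a primary and a fallback HGS and report its attestation state.
# Assumptions: Windows Server version 1709 or later; both URLs are placeholders;
# IsFallbackInUse is assumed to be reported by Get-HgsClientConfiguration on 1709+.

$primary  = 'https://hgs.datacenter.contoso.example'   # placeholder: datacenter HGS cluster
$fallback = 'https://hgs.branch01.contoso.example'     # placeholder: HGS in a local shielded VM

Set-HgsClientConfiguration `
    -AttestationServerUrl           "$primary/Attestation" `
    -KeyProtectionServerUrl         "$primary/KeyProtection" `
    -FallbackAttestationServerUrl   "$fallback/Attestation" `
    -FallbackKeyProtectionServerUrl "$fallback/KeyProtection"

function Get-GuardedHostStatus {
    $c = Get-HgsClientConfiguration
    [pscustomobject]@{
        IsHostGuarded     = $c.IsHostGuarded
        AttestationStatus = $c.AttestationStatus
        AttestationMode   = $c.AttestationOperationMode
        UsingFallback     = $c.IsFallbackInUse
        ActiveAttestation = if ($c.IsFallbackInUse) { $c.FallbackAttestationServerUrl }
                            else                    { $c.AttestationServerUrl }
    }
}

$status = Get-GuardedHostStatus
$status | Format-List

# A host that is not guarded cannot start or receive shielded VMs; a host running on
# the fallback is healthy but signals a WAN or datacenter HGS problem worth chasing.
if (-not $status.IsHostGuarded) {
    Write-Warning "Host failed attestation ($($status.AttestationStatus)); shielded VMs will not start here."
} elseif ($status.UsingFallback) {
    Write-Warning "Host is attested by the branch fallback HGS; check connectivity to $primary."
}
```

Get-GuardedHostStatus is the kind of check worth scheduling on branch hosts: IsHostGuarded tells you whether shielded VMs can run at all, and UsingFallback tells you whether the branch has silently detached from the datacenter HGS, which is otherwise invisible because the VMs keep running.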