vTPM in Windows Server 2016 Hyper-V

It`s good to see that there are great security enhancements in the upcoming version of Hyper-V. Containers bring great isoloation for our applications in terms of performance and security.

One another great enhancement is vTPM on Hyper-V. When you enable Hyper-V on Windows Server 2016 or Windows 10, you will see a new security device under Device Manager.



As you may know, Microsoft is using TPM to provide hardware level security for your operating system. TPM is just a chip generally on your motherboard and includes encryption keys in order to create crytographic keys. That allows Bitlocker to use TPM and help to protect Windows OS even it`s stolen or lost..

With the upcoming feature vTPM, now we have same level of security in Virtual Machines. Our VMs can leverage TPM and can be protected by Bitlocker. That means, you don`t need to worry about if someone just gets your VHD and import it into another Hyper-V server. It won`t work..

What about Live migration? According the announcement Live migration will work as usual and traffic will be encrypted.