Microsoft has rolled out a new free Azure module that users can use to deploy virtual machines (VMs) with verified and signed bootloaders.
The new module builds upon the Virtual Trusted Platform Module (vTPM) to ascertain the integrity of the bootloader. While TPM has been a mainstay on modern servers for quite some time now, it's still a comparatively new phenomenon in cloud computing.
“The vTPM measurements give administrators visibility into the integrity of the entire boot process, and vTPM release policies ensure that keys, certificates, and secrets aren’t accessible to compromised virtual machines,” shared Mark Russinovich, Chief Technology Officer and Technical Fellow, Microsoft Azure, as he announced the new module.
The new module, named Azure Trusted Launch, is designed to safeguard VMs against rootkits and bootkits.
Russinovich shares that if the module detects suspicious activity while the VM is booting, it'll flag it in the Azure Security Center, which serves as the single pane of glass for all kinds of integrity alerts, recommendations, and remediations that come by way of the Trusted Launch module.
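To make the two ideas above concrete, the measured-boot chain that a vTPM records and the release policy that keeps secrets sealed from a VM whose boot did not match, here is an added illustration in Python. It is not code from the article, from Microsoft, or from Azure Trusted Launch; it simulates a single PCR with the standard TPM extend rule (new value = SHA-256 of old value concatenated with the component digest), replays a constructed three-stage boot chain, and applies a simplified policy that releases a secret only when the observed PCR equals the golden value taken at provisioning time. The boot-chain byte strings, the `BOOT_ORDER` tuple and the alert record layout are all constructed for the example; a real vTPM uses several PCRs and a richer policy language, so this generalises the mechanism rather than reproducing Azure's implementation.

```python
import hashlib
import hmac

# Constructed sample boot chain. The byte strings are made-up stand-ins for
# real firmware, bootloader and kernel images; they are not Azure artefacts.
BOOT_CHAIN_GOOD = {
    "firmware": b"constructed UEFI firmware image v1",
    "bootloader": b"constructed signed bootloader v1",
    "kernel": b"constructed kernel image v1",
}
BOOT_ORDER = ("firmware", "bootloader", "kernel")  # assumed measurement order
PCR_INIT = bytes(32)  # a PCR reads as all zeros after reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style PCR extend: PCR_new = SHA-256(PCR_old || SHA-256(component)).

    The result depends on every earlier extend, so a register can only
    accumulate measurements; it cannot be rolled back or set directly.
    """
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()


def measure_boot(chain: dict) -> bytes:
    """Replay the measured-boot sequence and return the final PCR value."""
    pcr = PCR_INIT
    for stage in BOOT_ORDER:
        pcr = extend(pcr, chain[stage])
    return pcr


def evaluate_release(golden_pcr: bytes, observed_pcr: bytes, secret: bytes) -> dict:
    """Simplified release policy (hypothetical, modelled on vTPM sealing).

    The secret is handed over only when the observed PCR matches the golden
    value recorded at provisioning; otherwise it stays sealed and an alert
    record is returned for the monitoring side to surface.
    """
    if hmac.compare_digest(golden_pcr, observed_pcr):
        return {"released": True, "secret": secret, "alert": None}
    return {
        "released": False,
        "secret": None,
        "alert": {
            "severity": "high",
            "reason": "boot measurement mismatch",
            "expected_pcr": golden_pcr.hex(),
            "observed_pcr": observed_pcr.hex(),
        },
    }


def tampered_chain() -> dict:
    """The same chain with the bootloader component replaced, which is the
    kind of change a bootkit introduces and that measurement must catch."""
    return dict(BOOT_CHAIN_GOOD, bootloader=b"constructed replaced bootloader")


if __name__ == "__main__":
    golden = measure_boot(BOOT_CHAIN_GOOD)
    print("golden PCR :", golden.hex())
    clean = evaluate_release(golden, measure_boot(BOOT_CHAIN_GOOD), b"disk-key")
    print("clean boot :", "released" if clean["released"] else clean["alert"])
    bad = evaluate_release(golden, measure_boot(tampered_chain()), b"disk-key")
    print("tampered   :", "released" if bad["released"] else bad["alert"])
```

Two properties worth noticing when you run it: swapping the bootloader changes the final PCR even though firmware and kernel are identical, because each extend folds in everything measured before it; and the policy never learns what was changed, only that the value differs, which is why the alert record carries both digests for an operator to investigate rather than any decision about the VM itself.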
The module is currently in preview, and according to its documentation, ships with several limitations. For starters, it's available only to customers in South Central US and Northern Europe.
It supports only a small subset of Azure VMs and currently works only on new ones. However, by the time it's generally available, Trusted Launch will also work with existing VMs.
Via: The Register