Microsoft makes running a virtual machine on Azure safer - and free

Microsoft has rolled out a new free Azure module that lets users deploy virtual machines (VMs) with verified and signed bootloaders.

The new module builds upon the Virtual Trusted Platform Module (vTPM) to ascertain the integrity of the bootloader. While TPM has been a mainstay on modern servers for quite some time now, it’s still a comparatively new phenomenon in cloud computing.

“The vTPM measurements give administrators visibility into the integrity of the entire boot process, and vTPM release policies ensure that keys, certificates, and secrets aren't accessible to compromised virtual machines,” shared Mark Russinovich, Chief Technology Officer and Technical Fellow, Microsoft Azure, as he announced the new module.

Secure VMs

The new module, named Azure Trusted Launch, is designed to safeguard VMs against rootkits and bootkits. 

Russinovich shares that if the module detects suspicious activity while the VM is booting, it’ll flag it in the Azure Security Center, which serves as the single pane of glass for all kinds of integrity alerts, recommendations, and remediations that come by way of the Trusted Launch module.

The module is currently in preview, and according to its documentation, ships with several limitations. For starters, it’s available only to customers in South Central US and Northern Europe. 

It supports only a small subset of Azure VMs and will currently only work on new ones. However, by the time it’s generally available, Trusted Launch will work with existing VMs as well.

Via: The Register

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.