In keeping with their tradition of post-Ignite launches, Microsoft has announced the public preview of Trusted Launch for Azure Virtual Machines (VM).
Enabling Trusted Launch on new Generation 2 VMs will allow administrators to deploy VMs with verified and signed bootloaders, OS kernels, and a boot policy that leverages the Trusted Launch Virtual Trusted Platform Module (vTPM) to guard against more sophisticated bootkits and rootkits that typically hide from diagnostic tools and antimalware, making them difficult to detect and almost impossible to remove.
We encourage you to work with your service provider to properly enable Trusted Launch in the Azure portal. Once enabled, Trusted Launch will then display its integrity alerts, recommendations, and remediations in the Azure Security Center making its findings easy to view and act upon.
(Learn more about optimizing your Azure infrastructure.)
Trusted Launch will be another piece of the overall security landscape that Agio builds and maintains for its partners to ensure the integrity of their data in the public cloud.
While Trusted Launch is in public preview, it is currently only available in the South Central United States and Northern Europe. More details about the preview limitations can be found here: https://docs.microsoft.com/en-us/azure/virtual-machines/trusted-launch.
Contact us to find out more.