Читать книгу Windows Server 2022 & Powershell All-in-One For Dummies - Sara Perrott - Страница 123

This role was introduced for the first time in Windows Server 2016. It manages and releases keys for Hyper-V hosts that are considered trusted (known as guarded hosts). This allows the guarded hosts to power on shielded virtual machines (VMs) and perform live migrations. It uses two services to do its work:

 Attestation Service: Validates the identity of the hosts that are communicating with it as well as their configuration

 Key Protection Service: Gives access to the encrypted transport keys that allows the guarded hosts to work with the shielded VMs

If you want to learn more about shielded VMs, check out Book 7, Chapter 2.