Marco Zimmermann Posted October 20, 2021 Share Posted October 20, 2021 Hi, we need to enable Virtualization Based Security / Credential Guard for our Guest VMs. As it uses nested VM feature (Hyper V) I found no information that this is actual supported. I tried to eneble Nested HV via xe vm-param-set uuid=xxx platform:exp-nested-hvm=true however the Virtualization Based Security status keeps displaying "Enabled but not running". For a test I could enable Hyper-V Role manually, however the service fails to start with "Hypervisor launch failed, Processor does not support the minimum features.." Is anyone using it? Is it on the road map? vSphere supports this since 2018 with one checkbox to enable when creating the VM. Thanks for any information. Marco Link to comment
0 Tobias Kreidl Posted October 20, 2021 Share Posted October 20, 2021 Could only find this, but maybe it's not of much help: https://docs.citrix.com/en-us/citrix-endpoint-management/policies/device-guard-policy.html Link to comment
0 Mark Syms Posted November 3, 2021 Share Posted November 3, 2021 Both of those features require virtualisation support in the operating system and as this is a VM that means nested virtualisation support in the hypervisor. This is not a feature supported by Citrix Hypervisor and it is not on any roadmap although it is something that both the product and engineering teams are aware of being necessary for supporting certain features of Windows. Link to comment
Question
Marco Zimmermann
Hi,
we need to enable Virtualization Based Security / Credential Guard for our Guest VMs.
As it uses nested VM feature (Hyper V) I found no information that this is actual supported.
I tried to eneble Nested HV via
xe vm-param-set uuid=xxx platform:exp-nested-hvm=true
however the Virtualization Based Security status keeps displaying "Enabled but not running".
For a test I could enable Hyper-V Role manually, however the service fails to start with
"Hypervisor launch failed, Processor does not support the minimum features.."
Is anyone using it? Is it on the road map?
vSphere supports this since 2018 with one checkbox to enable when creating the VM.
Thanks for any information.
Marco
Link to comment
2 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now