Secure Virtual Domain Controller using BitLocker Encryption

Hi, today’s topic is about securing virtual domain controller using BitLocker Encryption.

Virtual domain controller is sometimes at critical risk where the VHD folders can be copied and placed to another. Of course nowadays, by using BitLocker Encryption might be useful and one factor to secure our production environment.

hyper-nomdc

Moreover, the very best friend comes out with BitLocker encryption on more enhancing technology is the Trust Platform Module (TPM) where you can find in the BIOS motherboard itself.

In my lab environment, I run my host hyper-V in my lenovo thinkpad. To secure the virtual domain controller is by enabling the BitLocker Encryption on the host of the virtual machine.

Simple to do:

  1. I enable the TPM / security chip at the bios setup. I am very fortunate the Lenovo has the tools to check. You may download it here. You can here the setting is Active. that’s mean the TPM is enabled.
    tpm-is-active
  2. After that, you need to add features BitLocker encryption at the host hyper-v. you may need to restart the server.
    enable-bitlocker
  3. On control panel, you manage your bitlocker on which volume drive you need to turn on. on the screenshot below, I turn on the bitlocker on my operating system. because the virtual machine folders are located at default. you may relocate your virtual machine folder in different drive and you turn on the bitlocker on the drive that you locate the VM VHD/VHDX files.
    bitcontrolpanel
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s