In this post we’ll determine requirements and scenarios for implementing shielded VMs. In a traditional environment where virtual machines run on a hypervisor host, it’s possible for the administrator of the virtualization layer to get full access to the virtual machines.
For example if you buy a VPS from a provider, you are given access to the guest operating system. It is technically feasible for a malicious or compromised administrator account to gain access to the virtual machine.
This is where shielded VMs in Windows Server 2016 come in to save the day.