Microsoft: Shielded VM local mode and HGS mode
With Windows 10, version 1709, Windows Client can host shielded VMs while using remote Host Guardian Service (HGS) attestation. This caused some confusion, as people pointed out that they had already been running shielded VMs on Windows Client. This blog post is intended to clarify the difference and explain how the two modes relate and can be used side by side.
In Windows 10, when you create a VM, you can optionally attach a virtual TPM (vTPM) to it. It offers the VM protection similar to what a physical TPM offers a physical device. The vTPM state is encrypted, and the encryption key can be stored either locally (a.k.a. local mode) or remotely on an HGS server (a.k.a. HGS mode). HGS mode adds several strong security measures, such as validating the host's boot measurements and code integrity policies before the key is released. For more information on what HGS mode measures, check out my previous blog post on Privileged Access Workstations here.
The mode (local mode vs. HGS mode) is a configuration setting on the physical host that tells it where to get the key to unlock the vTPM. When the host is running in HGS mode, it requests the key from the HGS server, which releases it only if the host passes attestation (that is, it qualifies as healthy); when the host is running in local mode, it looks for the key locally. Previously, Windows Client supported only local mode; HGS mode support was added in the Windows 10, version 1709 release.
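The following PowerShell is an added example, not code from the Microsoft post, showing how a practitioner would inspect and switch the host-level mode described above and then confirm a VM's vTPM state. It assumes an elevated session on a Windows 10, version 1709 (or later) host with the Hyper-V and HgsClient modules, and the HGS URLs and VM name are placeholders for a hypothetical fabric.

```powershell
# Added example (not from the original post): inspect and switch the host's
# vTPM key mode, then confirm a VM's vTPM state.
# Assumptions: elevated PowerShell on a Windows 10 1709+ Hyper-V host;
# the HGS URLs and VM name below are placeholders for a hypothetical fabric.

$attestationUrl   = 'http://hgs.example.corp/Attestation'
$keyProtectionUrl = 'http://hgs.example.corp/KeyProtection'
$vmName           = 'TestShieldedVM'

# 1. Which mode is this host in? Mode is 'Local' or 'HostGuardianService'.
$cfg = Get-HgsClientConfiguration
"Current mode: $($cfg.Mode)"

# 2. Switch the host to HGS mode. From now on the host asks HGS for the key
#    that unlocks vTPMs, and HGS releases it only after the host attests.
Set-HgsClientConfiguration -AttestationServerUrl $attestationUrl `
                           -KeyProtectionServerUrl $keyProtectionUrl

# 3. Check that the host actually attested. A host in HGS mode that fails
#    attestation cannot obtain the key, so its vTPM-enabled VMs will not start.
$cfg = Get-HgsClientConfiguration
if ($cfg.AttestationStatus -ne 'Passed') {
    Write-Warning ("Attestation status '{0}' ({1}); vTPM-enabled VMs will not start" `
        -f $cfg.AttestationStatus, $cfg.AttestationSubstatus)
}

# 4. Attach a vTPM to an existing VM (the VM must be Generation 2 and off),
#    then confirm what the host reports about the VM's security settings.
Enable-VMTPM -VMName $vmName
Get-VMSecurity -VMName $vmName | Select-Object TpmEnabled, Shielded

# To return the host to local mode (key kept on the host, no attestation):
# Set-HgsClientConfiguration -EnableLocalMode
```

Note that switching modes only changes where the host looks for the key; a VM's key protector (see `Get-VMKeyProtector`) still decides which guardian, local or HGS, is able to release it, so a vTPM created under one mode is not automatically usable under the other.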
Read the entire article here: Shielded VM local mode and HGS mode – Datacenter and Private Cloud Security Blog
Via the fine folks at Microsoft.