Microsoft releases its first secure-core servers. The organization adopts the ‘secure-core server’ label to describe server environments that protect against specific attack methods and malware types.

Secure-core servers defend against specific types of exploits and attacks. Think of ransomware and cryptomining exploits. According to Microsoft, the term describes servers that protect the infrastructure with a ‘hardware root of trust’, defend sensitive workloads against firmware attacks and prevent access to the infrastructure and the execution of unauthorized code on these environments.

Secure-core servers are managed from a single environment. In Microsoft’s case, that environment is Windows Admin Center. From there, administrators can perform typical secure-core server tasks such as hypervisor enforced code integrity, boot direct memory access (DMA) protection, system guard, secure boot and virtualization-based security.

First server models available

In collaboration with several OEM vendors, the first Microsoft secure-core servers are now available. The Windows Server and Azure HCI catalogues include several HPE Gen10 Plus (v2) secure-core server models for the Azure Stack HCI 21H2 version.

In addition, Microsoft labelled several servers based on Windows Server 2016, 2019 and/or 2022 to indicate compliance with its secure-core server standard. Among these servers are products from Dell Technologies, HPE, Lenovo, AMD and NEC.