Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Here you can provide suggestions on how to improve the product, website, etc.

Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Postby joncle » 11. Oct 2017, 21:36

I would like to confirm if/when VirtualBox on Mac OS will support Win 10 guests with virtualization-based security (VBS) features such as Device Guard and Credential Guard enabled. VMWare released Fusion 10 recently, which includes support for these features on Win 10 guests. More info is available on the VMWare Fusion Blog. Trying to understand if Oracle has plans to offer similar functionality in VirtualBox or not.
Last edited by joncle on 12. Oct 2017, 16:04, edited 1 time in total.
joncle
 
Posts: 2
Joined: 11. Oct 2017, 21:30

Re: Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Postby socratis » 11. Oct 2017, 21:46

Moving to "Suggestions" from "OSX Hosts", since this is a suggestion/enhancement that applies more broadly than OSX hosts.

BTW, comparing apples (no pun intended) and oranges doesn't help. If nothing else it's distracting. A program and its developers do not base their roadmap necessarily on what others do. Just my 0.02 €.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 12733
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Postby joncle » 12. Oct 2017, 04:04

Apologies if I wasn't clear. I want to confirm whether VirtualBox on a macOS host supports Win 10 guests with VBS enabled (Device Guard & Credential Guard). Your reply implies that VirtualBox on macOS doesn't support Win 10 guests with VBS enabled (though let me know if that is not the case).

The point of mentioning VMWare Fusion's new VBS capabilities is to show that it is technically possible to support these Microsoft features via a third party hypervisor. In the past, Hyper-V was the only option, though it only works on Windows hosts. VirtualBox on macOS is essentially a no-go in environments that require Win 10 guests to have VBS enabled.
joncle
 
Posts: 2
Joined: 11. Oct 2017, 21:30

Re: Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Postby socratis » 12. Oct 2017, 09:19

First of all, for those of you that don't know (I certainly didn't), VBS is not Visual Basic Script as I originally thought, it's Virtualization Based Security, i.e. Device Guard & Credential Guard in Windows 10 systems.

@joncle
In order to have virtualization based anything in the guest, that means that the guest will have to "see" some hardware features in the CPU, mainly the ability for hardware virtualization, a.k.a. VT-x. For the moment the VT-x availability on the host is not passed on to the guest, so at the moment, no, you can't do that. BTW, you might also see this feature referred to as "nested virtualization".

I believe that there are plans to enable this feature at some point in the future, but (as any developer that has some self-respect), the VirtualBox developers will not talk about a timeline for this (or any other planned) feature.

PS. It's not just your Mac, VirtualBox is a multi-OS program.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 12733
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Postby michaln » 12. Oct 2017, 11:05

joncle wrote:VirtualBox on macOS is essentially a no-go in environments that require Win 10 guests to have VBS enabled.

I expect those environments will let us know through their Oracle sales or support representative.
michaln
Oracle Corporation
 
Posts: 2841
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all

Re: Support for Mac OS host with Win 10 guests that have Device Guard/Credential Guard enabled

Postby socratis » 18. Oct 2017, 06:55

@victhevikas
I'm not quite sure what you mean. Plus Microsoft has many blogs and bloggers. Any specific one? Even the title would do...
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 12733
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5


Return to Suggestions

Who is online

Users browsing this forum: No registered users and 6 guests