deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update credential-guard.md

Browse Source 
hardware requirements
This commit is contained in:
GITMichiko 2017-01-26 00:23:30 -08:00 committed by GitHub
parent 926bf1e2bb
commit 7047eec167
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
windows/keep-secure/credential-guard.md
View File

@ -45,7 +45,15 @@ For Credential Guard to provide protections, the computers you are protecting mu
To deploy Credential Guard, the computers you are protecting must meet certain baseline hardware, firmware, and software requirements. Beyond that, computers can meet additional hardware and firmware requirements, and receive additional protection—those computers will be more hardened against certain threats.
You can deploy Credential Guard in phases, and plan these phases in relation to the computer purchases you plan for your next hardware refresh.
To provide basic protection against OS level attempts to read Credential Manager domain credentials, NTLM and Kerberos derived credentials, Credential Manager uses:
- Support for Virtualization-based security (required)
- TPM 2.0 either discrete or firmware (preferred - provides binding to hardware)
- UEFI lock (preferred - prevents attacker from disabling with a simple registry key change)
The Virtualization-based security requires:
- 64 bit CPU
- CPU virtualization extensions plu extended page tables
- Windows hypervisor
### Application requirements