A server function introduced in Windows Server 2016 that supports attestation (affirmation) and key protection for shielded VMs. After the Host Guardian Service (HGS) affirms the identity of a Microsoft Hyper-V host, it becomes a "guarded host," and HGS provides a transport key to unlock and run a shielded VM. See
Hyper-V and
shielded VM.