You can enable Microsoft virtualization-based security (VBS) for supported Windows guest operating systems at the same time you create a virtual machine.
Enabling VBS is a process that involves first enabling VBS in the virtual machine then enabling VBS in the Windows guest OS.
Intel hosts are recommended. See Virtualization-based Security Best Practices for acceptable CPUs.
Create a virtual machine that uses hardware version 14 or later and one of the following supported guest operating systems:
Windows 10 (64 bit)
Windows Server 2016 (64 bit)
- Connect to vCenter Server by using the vSphere Client.
- Select an object in the inventory that is a valid parent object of a virtual machine, for example, an ESXi host or a cluster.
- Right-click the object, select New Virtual Machine, and follow the prompts to create a virtual machine.
Select a creation type
Create a virtual machine.
Select a name and folder
Specify a name and target location.
Select a compute resource
Specify an object for which you have privileges to create virtual machines.
In the VM storage policy, select the storage policy. Select a compatible datastore.
Ensure that ESXi 6.7 and later is selected.
Select a guest OS
Select either Windows 10 (64-bit) or Windows Server 2016 (64 bit). Select the Enable Windows Virtualization Based Security check box.
Customize the hardware, for example, by changing disk size or CPU.
Ready to complete
Review the information and click Finish.
Once the virtual machine is created, confirm that its Summary tab displays "VBS true" in the Guest OS description.