You can enable Microsoft virtualization-based security (VBS) on existing virtual machines for supported Windows guest operating systems.
Prerequisites
Enabling VBS is a process that involves first enabling VBS in the virtual machine then enabling VBS in the guest operating system.
Note: New virtual machines configured for Windows 10, Windows Server 2016, and Windows Server 2019 on hardware versions less than version 14 are created using Legacy BIOS by default. If you change the firmware type of a virtual machine from Legacy BIOS to UEFI, you must reinstall the guest operating system.
See the vSphere Security documentation for information about acceptable CPUs and VBS best practices.
Using Intel CPUs for VBS requires vSphere 6.7 or later. The virtual machine must have been created using hardware version 14 or later and one of the following supported guest operating systems:
- Windows 10 (64 bit) or later releases
- Windows Server 2016 (64 bit) or later releases
Using AMD CPUs for VBS requires vSphere 7.0 Update 2 or later. The virtual machine must have been created using hardware version 19 or later and one of the following supported guest operating systems:
- Windows 10 (64 bit), version 1809 or later releases
- Windows Server 2019 (64 bit) or later releases
Ensure that you install the latest patches for Windows 10, version 1809, and Windows Server 2019, before enabling VBS.