Forum Discussion
What is the roadmap for FIDO2 passthrough from Hyper-V host to VM?
KalimanneJ here under “Secure devices” section https://www.microsoft.com/insidetrack/blog/improving-security-by-protecting-elevated-privilege-accounts-at-microsoft/
I don’t see anywhere there that they are recommending against the SAW being a physical machine.
That link has a story that talks about them internally deploying proprietary customized, very locked down laptops with both the SAW and their everyday machine running as VMs on it.
It does not seem applicable to everyone else.
The base host laptop has to be locked down at least as much as a SAW would be or it will become a source of compromise and would make the SAW VM running on it also subject to compromise.
With that setup, you are running 3 operating systems that need management and patching, plus the laptop has to be powerful enough to run the local OS plus 2 additional copies of Windows as VMs and have licensing to do that.
Does not look practical!
- What about if I’m an engineer and I have the option to run AWS commands in Powershell, but I would prefer to use a Linux environment in WSL for that. I would have to let WSL access my hardware device correct?
