Hi! The system administrators working in my company do not want to let user access to the internal network with OS that are not under their control and they only support Windows at the moment.
I would like to propose QubesOS as an alternative, with a Windows VM managed by them inside it, connected to the internal network via VPN (we already have this VPN in place for accessing the internal network while working outside of the building). In addition to this, users could run the operating systems and the applications they want in different VMs, thanks to QubesOS features. The system administrators would not have to support QubesOS, just the Windows VM, but this solution could only be accepted if I am able to show that there is a reasonable guarantee that tampering the Windows VM from QubesOS is as hard as tampering the same Windows system installed on a regular machine (with secure boot, hardware encryption, etc.). My question is: how secure is a VM if a user tries to tampers it? Is SGX a technology that can be used to provide that level of security? If so, is it used by QubesOS at the moment? Any suggestion, comment or link would be greatly appreciated. Frafra -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c78d47aa-e276-46b8-88b0-108a8e55d3f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
