Enabling hardware virtualization in bios. How to enable hardware virtualization in BIOS
Hardware virtualization provides virtual machine performance that is almost identical to that of a non-virtualized machine; this technology is necessary in order to be able to work with virtual machines on your computer. By default, virtualization may be disabled on some. In this article I will tell you how to find out if your processor supports Intel technology VT-X (Intel processors) or AMD-V( AMD processors). Also from this article you will learn how to enable Intel VT-X and AMD-V technology.
Intel VT-x This is hardware virtualization from Intel. To find out if your processor supports the technology Intel VT-X download the CPU-Z program . . After launching, in the program window we look at the technologies that your processor supports:
If there is VT-X in the “Instruction” column, then your processor supports virtualization.
AMD-V
AMD-V is a hardware virtualization technology from AMD. To check whether your processor supports this technology, we will also need CPU-Z program, launch it and look at the “instruction” item. If there is AMD-V there, then your processor supports virtualization:
Enabling VT-X/AMD-V in Bios
Boot into Bios. In Bios, the picture may be different for everyone, we need to find a mention of virtualization (intel virtualization technology or virtualization) and enable this function. In my case it was like this:
Save the Bios settings and reboot. That's it, virtualization is enabled and enabled!
Enabling VT-X/AMD-V in UEFI
In the case of UEFI, I had to go to the Advanced > CPU configuration tab and enable virtualization there:
After enabling VT-X and AMD-V, you have the ability to create virtual machines on your computer
We enable hardware virtualization of central processors, AMD - AMD-V and Intel - VT-X technologies. Learn more about how to check whether virtualization is supported by the processor and how to enable virtualization in the BIOS. The technology is checked and activated simply...
Virtualization is - virtualization means a processor architecture with the ability to simulate hardware (virtual guest systems) using software methods. Virtualization technology makes it possible to run several operating systems (virtual OS) on one real physical computer, with isolated, separated computing processes, with dedicated logical resources, some of which include processor power, RAM, and a file subsystem from a common pool.
In simple words, virtualization allows the user to run diverse virtual machines with different types of operating systems (Windows, Android, Linux, MacOS X) or identical ones with any set of programs on one physical personal computer. Most in demand at at the moment for gamers, allows you to launch and speed up .
How to check whether virtualization is supported and enabled.
For those who are afraid to enter the BIOS, you can check whether the processor supports virtualization technology or not and whether it is enabled in the BIOS, you can use the SecurAble program. The utility is free, does not require installation - the portable version, literally in two clicks - launched, found out the result, closed. You can download the program by going to SecurAble official website or download via direct link from - office. site.
Securable parameters:
1. Parameter value Maximum Bit Length indicates the maximum available bit depth of the system, 32-bit or 64-bit.
2. Values Hardware D.E.P.- technology responsible for security, introduced to counter the launch of malicious code.
3. Option Hardware Virtualization- the parameter can produce four values:
Yes- virtualization technology is supported by the processor - enabled;
No- virtualization is not supported by the processor;
Locked On- enabled and supported, but cannot be disabled in the BIOS;
Locked Off- the technology is supported, but it is disabled and cannot be enabled in the BIOS.
The inscription Locked Off is not always a sentence - BIOS flashing can correct the situation.
How to enable virtualization in BIOS.
Responsible for enabling hardware virtualization in BIOS Virtualization Technology. To disable the option or enable virtualization in the BIOS, we send the PC to reboot. When the first signs of loading appear, click on the keyboard key “F2” or “Delete” (different BIOS versions), look for a hint at the bottom of the screen at the start.
Go to the “Advanced BIOS - Features” section, find the “Virtualization” or “Advanced” option → “CPU Configuration”, option “ Intel Virtualization Technology".
We move using the keyboard arrows (in BIOS UEFI with the mouse), press “Enter”, change the “Virtualization” parameter from “Disabled” to “Enabled” (enabled). Virtualization has been enabled in the BIOS, all you have to do is not miss one important click - don’t forget to press the “F10” button, which corresponds to the value - save settings (Save).
And most importantly, remember - Virtualization Technology only creates an environment for Android emulators and operating systems and does not affect the actual performance of the hardware in any way (it does not make the computer powerful). Work hard first , choosing components wisely and only then demand something from it.
Today it is known that support for hardware virtualization Intel VT-x/VT-d and AMD-V necessary for the operation of virtual machines, such as VirtualBox And VMware Workstation , as well as for the operation of so-called emulator programs for mobile operating systems, for example for Android OS.
Nowadays almost everything modern computers have support for this technology, but of course there are those that do not support it. And in order to find out whether our processor supports this technology, we will first go to BIOS our computer and see if the setting we are interested in is there. I have added to the article several examples of what the virtualization enable item looks like in different BIOS versions. Basically enabling this option is in the tab advanced further, as can be seen in the picture below, under the name there is hidden evidence that this computer supports this technology.
In this version BIOS go to the tab advanced BIOS features where we also see in the paragraph virtualization support for this technology.
And here at the point advanced BIOS features It can be seen that hardware virtualization is supported by the processor.
Well, the last option, where in the tab advanced at point secure virtual machine mode, we can also enable this technology.
But there are also cases when our computer’s BIOS does not have an option to enable hardware virtualization secure virtual machine mode or intel virtualization technology, although they say that the processor that is in your computer supports this technology. To make sure of this, a small utility called Securable which will accurately show whether our processor supports hardware virtualization. We go to the official website of the manufacturer using the link https://www.grc.com/securable.htm, where we click on the item below Download Now. The download will begin, then we launch the program, there is no need to install it, since this is a portable version.
After launch, the program will immediately show information about whether your processor supports or does not support virtualization technology. You can see this in the third block. As you may have guessed, if there is an inscription yes it means there is support.
If it is written Locked OFF, this means that there is support for this technology, but it must be turned on. And it turns on, as we already know, in BIOS-e of our computer.
Well, if the block has the inscription NO, This means that hardware virtualization technology is not supported by your processor.
ABOUT Give your opinion about this article, and of course, ask your questions if something suddenly goes wrong for you.
Thank you for your attention!
In general, the other day I encountered a problem such as the inability to run guest operating systems on a virtual machine. More precisely, I could not run exactly 64 bit systems, although my processor quite supports these. Also, there was a problem with starting Linux distribution from a flash drive, the same problem appeared.
After searching the Internet one night, I discovered a certain parameter called Virtualization Technology, which turns on virtualization technology. It is activated in the BIOS. Thus, if you activate it, you can easily use guest systems on such virtual machines as, for example, others. Mostly, this function does not affect the operation of the system; by default, it is disabled (Disabled).
In different BIOS systems it may have different names, for example, Virtualization, Vanderpool Technology, VT Technology.
So, hardware virtualization, we realized that it provides support with special features. Processor architecture. There are two virtualization technologies: AMD-V and Intel-VT.
AMD-V – this technology also has the abbreviation SVM (Secure Virtual Machines). IOMMU input/output technology. It turns out that it is even more efficient than Intel-VT.
Intel-VT (Intel Virtualization Technology)– this technology implements virtualization of real addressing. May be abbreviated as VMX (Virtual Machine eXtension).
I will not describe in detail what these technologies mean, since a lot of information has been written about this on the Internet.
How to enable Virtualization Technology?
Well, actually, everything is very simple here. First you need, and then find the item Virtualization Technology, it may be called a little differently, as I wrote above, for example.
IN different types The BIOS item may be located in different places, for example, in the BIOS from AWARD and Gigabyte motherboards you will see it as soon as you get into the BIOS, to enable it, you just need to move the parameter to the position "Enabled".
In the company BIOS American Megatrends Inc this technology is enabled by default and is located in the tab "Advanced". There you can enable or disable it.
In the BIOS of some HP (Hewlett-Packard Company) laptops and BIOS InsydeH20 Setup Utility Virtualization feature is disabled. To activate it you need to go to the tab "System Configuration".
http://site/wp-content/uploads/2016/06/virtualization-technology.jpghttp://site/wp-content/uploads/2016/06/virtualization-technology-150x150.jpg 2017-04-21T11:45:19+00:00 EvilSin225 Windows AMD-V,intel virtualization technology what is it,Intel-VT,virtualization technology,virtualization technology in BIOS what is itIn general, the other day I encountered such a problem as the inability to run guest operating systems on a virtual machine. More precisely, I could not run 64-bit systems, although my processor fully supports such systems. Also, there was a problem with launching a Linux distribution from a flash drive, the same thing appeared...EvilSin225 Andrey Terekhov Administrator Computer technology
Today, an increasing number of modern computer systems are turning their attention to virtualization technologies. True, not everyone has a clear enough idea of what it is, why it is needed and how to resolve issues of its inclusion or practical use. Now we will look at how to enable virtualization in the BIOS using the simplest method. Let us immediately note that this technique is applicable to absolutely everyone. existing systems, in particular, to the BIOS and the UEFI system that replaced it.
What is virtualization and why is it needed?
Before we begin to directly solve the problem of how to enable virtualization in the BIOS, let’s look at what this technology is and why it is needed.
The technology itself is intended for use in any operating system so-called virtual machines that can emulate real computers with all their hardware and software components. In other words, in the main system you can create a certain one with the selection of a processor, RAM, video and sound card, network adapter, hard drive, optical media and God knows what else, including the installation of a guest (daughter) “OS”, which will be no different from a real computer terminal.
Types of technologies
If anyone doesn’t know, virtualization technologies were created by leading processor manufacturers - Intel and AMD corporations, which even today cannot share the palm in this area. At the dawn of the era, the hypervisor created ( software for managing virtual machines) from Intel did not meet all the performance requirements, which is why the development of support for virtual systems began, which had to be “hardwired” into the processor chips themselves.
Intel called this technology Intel-VT-x, and AMD called it AMD-V. Thus, support optimized the work central processor without affecting the main system.
It goes without saying that enabling this option in presets BIOS should only be used if physical machine a virtual machine is supposed to be used, for example, for testing programs or predicting behavior computer system with various “hardware” components after installing a particular operating system. Otherwise, such support may not be used. In addition, by default it is completely turned off and, as already mentioned, has absolutely no effect on the performance of the main system.
Login to BIOS
As for BIOS systems or UEFI, any computer or laptop has them, regardless of complexity installed equipment. The BIOS itself on a computer is a small chip on the motherboard, which is responsible for testing the hardware when the terminal is turned on. In it, despite the memory of only about 1 MB, the basic settings and characteristics of the equipment are saved.
Depending on BIOS version or manufacturer, entry can be made by several various methods. The most common is to use the Del key immediately after turning on the computer or laptop. However, there are other methods, for example, the F2, F12, etc. keys.
How to enable virtualization in the BIOS in the simplest way?
Now let's define some basic parameters and menus. We start from the fact that you have already entered the BIOS on the computer. There are several main sections here, but in this case we are interested in everything related to the processor chip.
Typically, such options are contained in the Advanced settings menu or in the Security section. They can also be called differently, but, as a rule, it is something like Processor or BIOS Chipset (although other names may also occur).
So, now the question of how to enable virtualization in the BIOS can be taken seriously. In the above sections there is a special line Virtualization Technology (in the case of Intel, the name of the corporation is added to the main name). When you enter the corresponding menu, two available options will be shown: Enabled and Disabled. As is already clear, the first is the enabled virtualization mode, the second is a complete disabling.
The same goes for UEFI systems, in which enabling this option is performed in a completely similar way.
Now that the BIOS has been set to the enabled mode setting, all that remains is to save the changes (F10 or the Save & Exit Setup command) and press the confirmation key Y, corresponding to the English word Yes. The system reboots with the newly saved parameters starts automatically.
What should you know besides this?
As you can see, the procedure for enabling virtualization in the BIOS is quite simple. However, there are some subtleties to consider here regarding the possible disabling of this function. The point is that when using virtual machines like WMware Virtual Machine, Virtual PC, VirtualBox, or even the native Microsoft module called Hyper-V, this option must be enabled in mandatory even with support enabled Windows components directly in the system settings.
For the most part, this applies to newer modifications of Windows, starting with “seven”. In "exp" or "Vista" this is prerequisite is not. Although if such “OSes” are installed on the latest hardware, enabling support may also be required. However, it is unlikely that a user on such a machine will install an obsolete operating system, which will not allow him to “squeeze” the maximum out of the computer hardware that it is capable of. So it’s better to use the latest hardware components in combination not only with the most latest versions operating systems, but also even with diagnostic systems and UEFI controls, which replaced the BIOS that had served for so long.
When working with software product VirtualBox virtualization, problems and malfunctions often arise related to the installation of a particular operating system on a virtual machine. The reasons for errors in operation may be different and with one of them, which states that "hardware acceleration(VT-x AMD-V) is not available on your system", we will understand in this article.
In this case, such a problem arose during the installation of the operating system. windows systems 8, although when Windows 7 was installed, such an error did not occur. How can we decide this problem? Let's find out below.
So, first of all we need to make sure that the processor supports the function VT-x/AMD-V, for this read the article How to check if your processor supports hardware virtualization Intel VT-x/VT-d and AMD-V. And to enable it, you need to go to BIOS motherboard. To do this, restart the computer and go to the BIOS of our system.
In order to go to BIOS, we need to press a key when turning on the computer Delete on the keyboard. (If it does not enter using the key delete try it F1, F2) When you turn on the computer, you can usually see on the start screen which key leads to BIOS.
As a result, we get into the BIOS of our computer. Next, select the tab " Advanced". There we see the tab " CPU Configuration" select it and press " Enter"
We get to the configuration menu, where we see the tab "Secure Virtual Machine Mode" opposite is the value "Disabled" what does disabled mean, we just need to enable it, to do this, click on the tab and select the value "Enabled".
As we see in the figure, the value has changed, now we need to save the changes made.
To save the changes made, go to the tab "Exit" then select the tab "Exit & Save Changes". In the window that opens, where we are asked to save changes made, press "OK" and wait until the computer reboots.
Next, open the VirtualBox program, go to " settings" the system that you wanted to install, in my case it is Windows 8.1. Click on the tab " system", further "acceleration", check the boxes next to the items indicated in the picture and click "OK."
All! The error no longer appears, you can begin the installation.
ABOUT Give your opinion about this article, and of course, ask your questions if something suddenly goes wrong for you.
Thank you for your attention!
Virtualization may be necessary for those users who work with various emulators and/or virtual machines. Both of them can work quite well without switching on this parameter, however if you require high performance When using the emulator, you will have to turn it on.
Important Warning
Initially, it is advisable to make sure whether your computer supports virtualization. If it is not there, then you risk simply wasting your time trying to activate it through the BIOS. Many popular emulators and virtual machines warn the user that his computer supports virtualization and if you enable this parameter, the system will work much faster.
If you do not receive such a message when you first launch an emulator/virtual machine, this may mean the following:
- Virtualization is already enabled by default (this rarely happens);
- Your computer does not support this setting;
- The emulator is not able to analyze and notify the user about the possibility of connecting virtualization.
Enable virtualization on an Intel processor
Using these step-by-step instructions, you can activate virtualization (only relevant for computers running on an Intel processor):
Enable virtualization on an AMD processor
The step-by-step instructions in this case look similar:
It is not difficult to enable virtualization on your computer; all you need to do is follow step by step instructions. However, if the BIOS does not have the ability to enable this function, then you should not try to do this using third party programs, as this will not give any result, but may worsen the performance of the computer.
We are glad that we were able to help you solve the problem.
Poll: did this article help you?
Not reallylumpics.ru
Virtual Secure Mode (VSM) in Windows 10 Enterprise
Windows 10 Enterprise (and this edition only) introduces a new Hyper-V component called Virtual Secure Mode (VSM). VSM is a protected container (virtual machine) running on a hypervisor and separated from the host Windows 10 and its kernel. Security-critical system components run inside this secure virtual container. No third party code can be executed inside VSM, and the integrity of the code is constantly checked for modification. This architecture allows you to protect data in VSM, even if the kernel of the host Windows 10 is compromised, because even the kernel does not have direct access to VSM.
The VSM container cannot be connected to the network, and no one can gain administrative privileges on it. Encryption keys, user authorization data and other information critical from the point of view of compromise can be stored inside the Virtual Secure Mode container. Thus, an attacker will no longer be able to get inside using locally cached domain user account data corporate infrastructure.
The following system components can run inside VSM:
- LSASS (Local Security Subsystem Service) – a component responsible for authorization and isolation local users(thus the system is protected from attacks like “pass the hash” and utilities like mimikatz). This means that passwords (and/or hashes) of users registered in the system cannot be obtained even by a user with rights local administrator.
- Virtual TPM (vTPM) is a synthetic TPM device for guest machines, necessary for encrypting the contents of disks
- OS code integrity monitoring system – protecting system code from modification
To be able to use VSM mode, the environment must meet the following hardware requirements:
- UEFI support, Secure Boot and Trusted Platform Module (TPM) for safe storage keys
- Hardware virtualization support (at least VT-x or AMD-V)
How to enable Virtual Secure Mode (VSM) in Windows 10
Let's look at how to enable Virtual Secure mode Mode Windows 10 (in our example this is Build 10130).
Checking VSM operation
You can make sure that VSM mode is active by the presence of the Secure System process in the task manager.
Or by the event “Credential Guard (Lsalso.exe) was started and will protect LSA credential” in the system log.
VSM Security Testing
So, on machines with VSM mode enabled, we register under the domain name account and as a local administrator we run the following mimikatz command:
mimikatz.exe privilege::debug sekurlsa::logonpasswords exit
We see that the LSA is running in an isolated environment and user password hashes cannot be obtained.
If the same operation is performed on a machine with VSM disabled, we obtain an NTLM hash of the user's password, which can be used for “pass-the-hash” attacks. 
Other identical option names: Vanderpool Technology, VT Technology.
The Virtualization Technology option is designed to enable the processor's support for hardware virtualization technology. This option can take only two values – Enabled and Disabled.
What does the term “virtualization” actually mean? Virtualization technology allows a user to have many virtual computers on a single physical computer. Naturally, this approach often has many advantages compared to having several physical computers, primarily in terms of reducing equipment costs and reducing energy consumption.
To create virtual computers, special software is required. The most well-known virtualization software is VMWare and Microsoft Virtual PC.
The heart of any virtualization system is a technology called Virtual Machine Monitor (VMM). This technology provides a solid foundation for managing virtualization. The function of the virtual machine manager (also sometimes called a hypervisor) is to manage computer resources in real time and distribute them between virtual systems. The hypervisor can transfer data between systems and create virtual disks.
Virtual Machine Manager allows you to run either multiple operating systems (usually called guest operating systems) or multiple copies of the same operating system on a single computer. Its tasks also include managing memory, processor and input/output device resources in order to distribute them between different virtual computers. In this way, the hypervisor can allow multiple operating systems to share the same processor, making it more efficient.
However for a long time Virtualization technology was based only on software methods, and there was almost no support for it at the hardware level, in particular due to the lack of clear standards. Although one of the first implementations of hardware virtualization was support for the virtual operating mode of the Intel 8086 processor, built into the 80386 processor and subsequent Intel processors (you can learn more about the processors), however, the capabilities of this technology were limited. Today, leading processor manufacturers, Intel and AMD, offer their own virtualization technologies designed for the protected mode of processor operation.
Intel's version of virtualization technology is called VT-x. It appeared in 2005. This technology introduced a number of improvements to server and client platforms to support software virtualization. VT-x technology allows different operating systems and applications to run on independent partitions and can turn a computer into a set of virtual operating systems.
AMD's virtualization technology is called AMD-V. She first appeared in Athlon processors 64 in 2006. This technology allows you to take over some of the tasks performed by the hypervisor programmatically and simplify them with an improved instruction set built into AMD processors.
Compared to programmatic method virtualization Hardware virtualization has a number of advantages. The fact is that operating systems designed for Intel platforms, were developed in such a way that the operating system had to have direct access to the computer's hardware resources. Software virtualization emulated necessary equipment, and hardware virtualization technologies allowed the operating system to directly access hardware resources, avoiding any emulation.
Processor virtualization extensions offer new approaches to managing virtualization. Briefly, the essence of the improvements can be described as follows. Operating systems provide different levels access to resources called protection rings. These rings represent a hierarchy of privileges within a computer system architecture. The most privileged level is usually zero. This layer can also access resources directly.
In traditional Intel architecture The x86 operating system kernel can directly access the processor at level 0. However, in a software virtualization environment, the guest operating system cannot perform work at level 0 because it is occupied by the hypervisor. Therefore, the guest operating system can only run at level 1.
But there is a catch - some processor instructions can only be executed at level 0. This problem can be solved in several ways, but none of them is satisfactory. For example, the operating system can be recompiled to avoid such situations, but this can only be done if source codes of this operating system. This approach is sometimes used and is called paravirtualization.
But in cases where paravirtualization is not possible, another solution is usually used. Virtual Machine Manager simply intercepts necessary instructions guest operating system and replaces them with safe ones. It goes without saying that this approach leads to a significant drop in performance. Accordingly, software virtual machines are often much slower than their real counterparts.
Therefore, hardware virtualization technologies from Intel and AMD contain not only new processor instructions, but also, crucially, allow for a new level of privilege. Now the hypervisor can operate at a level lower than zero (this can be denoted as –1), while the guest operating system is given full control over level zero. Thus, the hypervisor was spared unnecessary painstaking work, and the performance of virtual machines increased significantly.
Intel and AMD technologies are not identical in every way, but they offer similar benefits and functionality. In addition to increasing the performance of virtual machines, they allow you to increase the number of virtual machines on one physical system, as well as increase the number of virtual machine users.
Should I include it?
The Virtualization Technology option (sometimes called simply Virtualization) allows the computer user to operate at the CPU level. Selecting Enabled enables this support, and selecting Disabled disables it.
The Virtualization Technology option should only be enabled if you are using your computer to run virtual machines. Enabling hardware support for virtual machines can significantly improve their performance. However, if virtual machines are not used, enabling the option will not affect the performance of the computer in any way.