平台完整性和安全性概述Platform integrity and security overview

Azure 机群由数百万台服务器(主机)组成,每天增加数千台服务器。The Azure fleet is composed of millions of servers (hosts) with thousands more added on a daily basis. 每天还会有数千台主机通过重新启动、操作系统刷新或维修来进行维护。Thousands of hosts also undergo maintenance on a daily basis through reboots, operating system refreshes, or repairs. 在主机可以加入机群并开始接受客户的工作负载之前,Microsoft 会验证主机是否处于安全可信的状态。Before a host can join the fleet and begin accepting customer workloads, Microsoft verifies that the host is in a secure and trustworthy state. 此验证可确保在供应链或维护工作流过程中,启动序列组件上没有发生恶意更改或无意的更改。This verification ensures that malicious or inadvertent changes have not occurred on boot sequence components during the supply chain or maintenance workflows.

保护 Azure 硬件和固件Securing Azure hardware and firmware

此系列文章介绍 Microsoft 如何在主机整个生命周期的各个阶段(从制造到弃用)中确保其完整性和安全性。This series of articles describe how Microsoft ensures integrity and security of hosts through various stages in their lifecycle, from manufacturing to sunset. 文章讨论了:The articles address:

后续步骤Next steps