To provide east-west storage encryption, Windows Server 2022 failover clusters support granular control of encrypting and signing intranode storage communications for cluster shared volumes (CSV) and the storage bus layer (SBL). Windows Server 2022 supports AES-256-GCM and AES-256-CCM cryptographic suites for SMB encryption as well as TLS 1.3 to help provide a communication channel between two endpoints with increased security features.
Microsoft Windows Server 2022 features the Secured-core OS option, which uses Trusted Platform Module 2.0 and System Guard secure boot option to reduce risk from firmware vulnerabilities and to help provide multilayer security across hardware, firmware, and the operating system.