What’s New: Today, Microsoft Azure DCsv2-Series featuring a hardware-based trusted execution environment (TEE) built on Intel® Software Guard Extensions (Intel® SGX) was released for general availability. Built on Intel’s trusted foundation, the Azure DCsv2-Series makes confidential computing broadly available to enterprise customers who want to leverage cloud computing while helping to keep sensitive workloads protected.
“Customers demand the capability to reduce the attack surface and help protect sensitive data in the cloud by encrypting data in use. Our collaboration with Microsoft brings enterprise-ready confidential computing solutions to market and enables customers to take greater advantage of the benefits of cloud and multiparty compute paradigms using Intel SGX technology.”
–Anil Rao, Intel vice president, Data Center Security and Systems Architecture
Why It Matters: Combined with encrypted data storage and transmission methods, TEEs can create an end-to-end protection architecture for sensitive data, such as typically regulated data in financial services and healthcare. Microsoft Azure is the first public cloud provider to offer broad virtualization services using hardware-optimized TEEs as encryption mechanisms to help protect customer data while in use. It allows data to be processed in the cloud while offering even greater control over security and privacy. Backed by Intel SGX, Azure confidential computing virtual machines run code and data in isolation from the operating system, hypervisor or virtual machine manager, and other privileged processes.
Intel SGX is available today on Intel® Xeon® processor E-2100 family, and the company is working to scale Intel SGX across our mainstream Xeon platforms in upcoming generations. As announced in February, Intel is continuing to extend Intel SGX with larger enclaves, extended protections to offload accelerators, and improved performance. These improvements will further expand the number of usages able to leverage these advanced application isolation capabilities.
What’s Next: Intel and Microsoft empower customers to execute their data in a more secure and private cloud environment. As two of the founding members of the Confidential Computing Consortium, both companies are committed to collaborating with the industry to deliver a more secure computing infrastructure today and in the future.
More Context: Data Center News
The Small Print: No product or component can be absolutely secure.