Announcing Public Preview of Confidential VMs with Intel TDX in Azure Virtual Desktop

We are excited to announce that Azure Virtual Desktop now supports the public preview of DCesv5 and ECesv5-series confidential VMs. These confidential VMs are powered by 4th Gen Intel® Xeon® Scalable processors with Intel® Trust Domain Extensions (Intel® TDX) and enable organizations to bring confidential workloads to the cloud without code changes to applications. Through the gated preview, we continued to enhance performance with our Intel partnership. These new virtual machines are up to 20% faster than 3rd Gen Intel Xeon virtual machines, and we expect performance for I/O intensive workloads to continue to improve as the technology matures.

Azure confidential VMs (CVMs) offer VM memory encryption with integrity protection, which strengthens guest protections to deny the hypervisor and other host management components code access to the VM memory and state. For additional CVM security benefits, please see the CVM documentation for more information.

For more information on AVD’s support for confidential VMs, please see this blog.

For more information about Intel TDX confidential VMs, please see this blog for more information.

Note: Intel TDX is offered in Europe West, Central US, and East US 2 regions. Europe North will be available in January 2024.

How to deploy Intel TDX Confidential VMs in AVD Host Pool Provisioning

On the Virtual machine location, select “Europe West”, “Central US”, or “East US 2”.

On the Virtual machine location, select “Europe West”, “Central US”, or “East US 2”..png

Select Confidential Virtual Machines from the Security Type dropdown in the AVD Host Pool Virtual Machine blade.

Select Confidential Virtual Machines from the Security Type dropdown in the AVD Host Pool Virtual Machine blade..png

From there, go down to Virtual machine size, and click on “Change size” link.

Go down to Virtual machine size, and click on “Change size” link..png

You will then get directed towards a table that gives you all SKUs available, make sure on the top, that the “Type” is “Confidential Compute”.

“Type” is “Confidential Compute”..png

Expand the DC or EC-Series categories and select and of the DCesv5/ECesv5 SKUs appropriate for your demand.

Expand the DC or EC-Series categories and select and of the DCesv5.ECesv5 SKUs appropriate for your demand..png

Getting Started

To get started, please visit Azure Virtual Desktop to learn more about the various benefits AVD provides and to get started with your first deployment.

Visit Create a host pool - Azure Virtual Desktop to start deploying your first confidential VM in Azure Virtual Desktop through the Azure Portal. For more information about any of these features, please visit Azure Virtual Desktop security best practices - Azure.

Continue the conversation. Find best practices. Bookmark the Azure Virtual Desktop Community. Have feedback on the service? Share your thoughts and upvote others on the Azure Virtual Desktop Feedback board.

Learn more

Announcing Public Preview of Confidential VMs with Intel TDX in Azure Virtual Desktop

How to deploy Intel TDX Confidential VMs in AVD Host Pool Provisioning

Getting Started

Azure Virtual Desktop Blog articles

Share post:

Related

Azure Lab Services (Lab Account) - Planned Outage - May 24th, 2024

Intelligent FinOps in Azure

IBM Maximo Application Suite migration and modernization with Azure Red Hat OpenShift

Streamlining Microsoft Azure Identity and Security for Growth

Azure SDK Release (April 2024)

Sneak peek at new Azure edge infrastructure

Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!