
Azure announces next generation Intel SGX confidential computing VMs


Microsoft Azure was the first major cloud provider to announce support for confidential computing. Over the past 3 years, we have helped customers leverage the benefits of Azure confidential computing to scale and protect their most privacy and security sensitive workloads in the public cloud. Earlier this year we became the cloud provider with the broadest support for confidential computing cloud services.

 

Today, we are announcing game changing upgrades to the DC-series family with the public preview of DCsv3 and DCdsv3-series Azure Virtual Machines.

 

DC-series VMs are unique as they offer support for Intel® Software Guard Extensions (Intel SGX). These VMs allow customers to create enclaves that protect data while processing in the CPU by keeping it encrypted and isolated in memory, thus protecting data from the operating system, hypervisors with escalated privileges, and Azure operators.

 

Now with the 3rd Gen Intel® Xeon Scalable processors, the capabilities of DC-series have improved substantially. The size of the Enclave Page Cache (EPC) for Intel SGX has increased 1500x to support much larger workloads, regular memory has increased 12x, and up to 48 CPU cores enable more performance for memory-intensive workloads while maintaining data confidentiality.

 

DC-series features Intel SGX which offers application-level isolation for granular security control. Many customers desire protections and encryption at the VM-level to “lift and shift” existing VMs into a more protected infrastructure. With this generation, we’re enabling customers to encrypt their VM with separate and unique keys using Intel® Total Memory Encryption – Multi Key, which enables always-on encryption and provides protection against tenants on the same node. Leveraging both, customers using Intel SGX get confidential computing in application enclaves and additional protection for all software in their VMs.

 

Microsoft Azure Attestation and Azure Kubernetes Service (AKS) support

 

Attestation is the process of verifying that software binaries are executing on a trusted hardware platform. Intel® Xeon Scalable processors support ECDSA-based attestation solutions to remotely verify the identities of SGX enclaves. Microsoft Azure Attestation supports ECDSA, is free, and reinforces the verifiable security promises made through a unified framework for attesting multiple trusted execution environments.

 

We are extending Azure Kubernetes Service (AKS) support to the confidential computing SGX add-on for AKS. This added support significantly improves the performance of memory-intensive workloads that utilize Confidential containers. Examples include data analytics, ML training and inferencing, and multi-party data computation.

 

How customers are succeeding with Azure confidential computing

 

Confidential computing has proven useful for AI/ML and Blockchain scenarios. We are partnering with Mithril Security and iExec to enable them to utilize the benefits of Intel SGX in protecting sensitive machine learning code and data.

 

“Azure confidential computing has enabled us with the latest generation of Intel SGX. By using the 3rd Generation Intel Scalable Processors, Mithril Security have built a Confidential AI solution with data-in-use protection and code attestation that addresses customers' desires for privacy, scalability, and ease of use. In the past, SGX memory constraints made it impossible to have reasonable throughput for AI workloads, this has been overcome with the latest generation of DC-series.” - Daniel Huynh, CEO of Mithril Security

 

“Azure confidential computing efficiently addresses security concerns by protecting data-in-use. iExec Blockchain platform leverages Intel SGX to enable high-value data to be widely shared and used while preserving its privacy and ownership. The coming together of these unique capabilities on iExec Blockchain platform empowers AI developers to protect their intellectual property, whilst creating new economic opportunities for AI developers.”  Lei ZHANG, Director of Information Security, iExec Blockchain Tech

 

Learn more about the preview


 

The preview starts in East US 2, Central US, North Europe and West Europe. Over the coming months, we will expand to more datacenters for disaster recovery and high availability capabilities, as we approach general availability.

 

If you’d like to learn more, please see the VM specifics, further documentation, onboarding guide and frequently asked questions.


Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries.
