Confidential computing helps organizations meet their privacy and security needs.
Microsoft has announced the public preview of its newest Azure Confidential Computing Virtual Machines (VMs), DCsv3, powered by the latest 3rd Gen Intel Xeon Scalable processors and Intel Software Guard Extensions (Intel SGX).
Customers can now run even larger enterprise-class workloads across fewer VMs while better protecting data in use, harnessing transformational improvements such as a 1,500x enclave page cache (EPC) memory increase that allows trusted execution environments of up to 256GB memory to address the most memory-sensitive workloads.
The newest DCsv3 instances are also equipped with Intel Total Memory Encryption – Multi-Key (Intel TME-MK), which encrypts all system memory and provides enhanced protection against a range of physical attacks.
With Intel TME-MK, Azure can encrypt each VM’s memory space with a unique hardware-protected key, enabling greater protection and separation for each VM on the node. This additional capability requires no code modifications to the guest VMs software and is on by default.
Customers running containerized workloads can also help safeguard their sensitive data using Intel SGX, as Azure Confidential Computing VMs are available in Azure Kubernetes Service (AKS) as a worker node option.
In addition, Microsoft announced general availability of its latest general compute instances, DV5 and EV5, featuring 3rd Gen Intel Xeon Scalable processors that feature built-in AI and security features optimized for cloud, enterprise, high performance computing, 5G and intelligent edge applications. Built-in crypto acceleration features within the processor reduce the performance impact of pervasive encryption. Businesses can process up to 1.39x more online transactions and realize up to 1.27x faster time-to-insight for data warehouse workloads using Microsoft Azure VMs equipped with 3rd Gen Intel Xeon Scalable processors.