Cloud
Examine critical components of Cloud computing with Intel® software experts
119 Discussions

Microsoft Azure Adds Confidential VMs to Expand Options for Confidential Computing

Rick_Echevarria
Employee
2 0 18.9K

New Microsoft Azure confidential virtual machines (VMs) with Intel® Trust Domain Extensions (Intel® TDX), a hardware-based trusted execution environment (TEE), give enterprises confidential computing at the VM level. By offering VMs with Intel TDX, Microsoft is expanding its Azure portfolio to offer isolation at the VM, container, and application levels to meet diverse enterprise needs.

Azure DCesv5-series and ECesv5-series confidential VMs with Intel TDX make it easier to deploy existing applications while providing strong isolation properties. For those already using Azure instances with Intel® Software Guard Extensions (Intel® SGX), which implement confidential computing at a more granular application level, VMs with Intel TDX expand the available options for organizations deploying Confidential Computing.

Picture1.jpg

VM Use Cases

With these confidential VMs, enterprises can implement a range of use cases:

  • Migrate sensitive databases and enterprise applications to the cloud without code changes
  • Maintain privacy while collaborating on multi-party analysis, which often involves combining data from multiple sources for AI applications
  • Strengthen compliance and data sovereignty programs
  • Set up hardware-based isolation and access controls

The DCesv5 series offers up to 96 vCPUs and ranges from 4–384 GB of memory. ECesv5 offers up to 128 vCPU and ranges up to 768 GiB of memory.

Adding Value Across Industries

These confidential VMs also deliver value when seen through an industry lens. From AI-powered healthcare to fraud prevention in financial services, these VMs enable businesses to experience more collaboration, insights, and innovation:

  • Healthcare organizations can deploy these Azure VMs to handle regulated information or manage confidential multi-party collaborations, such as medical research.
  • Financial services firms can use these VMs to handle high volumes of confidential and regulated data.
  • Retailers with large databases of confidential customer data can use these VMs for advanced analyses that must be kept private. The movement toward cookie-less advertising technology has also opened new uses for advertisers, who can combine multiple datasets in a privacy-preserving environment to better target customers.
  • Governmental organizations with many sensitive applications who face advanced persistent threats might consider deploying Confidential Computing with VMs like these a high priority.
  • Industrial and edge deployments might have valuable data or software intellectual property (IP) in distributed locations lacking rigorous physical security, making using these confidential VMs an option.

Intel TDX Role

These Azure VMs run on 4th Gen Intel® Xeon® Scalable processors with Intel TDX. Intel TDX facilitates the deployment of trust domains (TD), which are hardware-isolated VMs designed to protect sensitive data and applications from unauthorized access. Intel TDX is designed to help prevent the hypervisor and other host management code including the cloud admins, from accessing the VM memory and state. It also helps ensure workload integrity and confidentiality by mitigating software and hardware attacks, including intrusion or inspection by software running in other VMs.

Protect Your Data

Intel’s portfolio of Confidential Computing solutions (Intel® SGX, Intel® TDX and Intel® Trust Authority) enables customers to unleash the power of their data while addressing confidentiality, privacy, integrity, and sovereignty concerns. Azure offers one of the most comprehensive Confidential Computing portfolios in the industry. Start your journey towards Confidential Computing on Azure VM’s with Intel TDX.

Learn more about Azure confidential VMs on Intel CPUs

Learn more about Intel Confidential Computing

 

Notices and Disclaimers

Performance varies by use, configuration, and other factors. Learn more on the Performance Index site.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available ​updates. See backup for configuration details. No product or component can be absolutely secure.
Your costs and results may vary.
Intel technologies may require enabled hardware, software, or service activation.
© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.

About the Author
Ricardo (Rick) J. Echevarria is the vice president and general manager of Security Sales at Intel Corporation. A growth-minded business leader with more than 25 years of success spanning technology, cybersecurity, professional services, and enterprise software, Echevarria has held a variety of leadership positions with Intel Corporation. He has overseen divisions responsible for the corporate segment personal computing P&L, as well as the management, development, and delivery of Intel’s cybersecurity technology roadmap. Rick was instrumental in the growth and development of the worldwide software developer ecosystem for Intel architecture-based products and was responsible for building a worldwide professional services organization inside Intel. Before assuming his current role, Rick led Intel’s Olympics and Paralympics Office where he was responsible for establishing and accelerating Intel technology solutions in the market through exclusive and transformational integrations on one of the largest international platforms in the world, the Olympic Games. Rick has also been leading Intel’s Pandemic Response Technology Initiative. This includes the management of a $50M fund targeted at investments in pandemic response and readiness, on-line learning, and ecosystem/partner innovation. Echevarria has a bachelor’s degree in industrial engineering from Purdue University and a master’s degree in computer systems management from Union College. He has also served as chair of the Intel Hispanic Leadership Council and has received the Distinguished Engineer Award from Purdue University’s College of Engineering.