Today, Intel is announcing hardware support for Intel® TDX Connect technology on many Intel® Xeon 6 processors. Intel® Trust Domain Extensions (Intel® TDX) is our confidential computing technology that protects workloads at the virtual machine (VM) level. Intel TDX Connect enables seamless encrypted communications between a Confidential VM and an enabled PCI Express device and was first disclosed at the Open Confidential Computing Conference (OC3) in early 2023. This capability is critical to enabling confidential usage models that extend beyond the CPU to connected devices such as GPUs, Smart NICs, or storage drives. Intel TDX Connect is an extension of the architecture designed to enhance confidential computing infrastructure and is also designed to improve I/O virtualization performance.
Confidential AI
AI is being applied to many business and consumer applications, but concerns about protecting sensitive and regulated data in AI services may present a roadblock to key initiatives. It is wise to be cautious about security and data leaks with such fast-changing technology.
Confidential AI is a use case that combines transformational AI capabilities with the security and data protection of confidential computing. In many cases, Confidential AI is a partnership between a Trusted Execution Environment (TEE) on the CPU and a TEE on the AI accelerator such as a GPU. Intel TDX Connect provides a high-performance, encrypted connection between the CPU and GPU-based TEEs, allowing fast data transfers and secure direct memory access (DMA).
With Confidential AI, organizations can confidently open silos containing sensitive and regulated data and put that data to work exposing new insights. The data is protected on the CPU by Intel TDX, on the accelerator by the GPU TEE, and kept confidential in between the two by Intel TDX Connect capabilities. This helps ensure end-to-end compliance and data security.
Intel® TDX Connect is Intel’s implementation of TEE-IO, and Nvidia plans to support TEE-IO on its Blackwell platform.
Confidential Computing Solutions Available Today
Intel Xeon 6 processors support Intel TDX Connect capabilities, but it is likely later in 2025 before the host OS and device ecosystem is fully ready to create solutions. However, confidential computing cloud instances and OEM systems with Intel technology are available today, ready to get you going on the journey to more secure, private, and compliant workloads. Options include:
- Cloud instances and systems featuring Intel® Software Guard Extensions (Intel® SGX), our application isolation technology with the smallest trust boundary in the data center compared to other confidential computing technologies. The small trusted computing base (TCB) makes Intel SGX popular with our security-focused customers across priority usages.
- Cloud instances and systems with Intel TDX, which isolates the entire VM. Despite the fact that this is a larger trust boundary than Intel SGX, customers appreciate the ease of deployment, often with no code changes.
- There are also ready-to-deploy confidential cloud solutions from innovators such as Opaque Confidential AI and Decentriq for data clean rooms.
Heading to Market with Key Ecosystem Partners
Intel is excited to announce hardware support for Intel® TDX Connect on the recently launched Intel® Xeon® 6 processor with Performance-cores. Customer-deployable solutions will require enabling the PCIe devices and the host OS/hypervisor, but hardware support for Intel TDX Connect on Intel Xeon 6 processors provides a launching pad for these innovations.
Intel is collaborating with partners to expand the deployment of Intel TDX Connect capabilities throughout the partner ecosystem. Microsoft has already committed to enabling Intel TDX Connect support in future Microsoft Azure instances.
"Microsoft is excited to productize Intel TDX Connect into future generations of Azure confidential VMs, which is in early development between our hardware and software developers. Intel TDX Connect represents a major milestone in our journey to improve confidential computing performance and extensibility. It enables existing and net-new workloads to benefit from the privacy assurances of confidential computing without compromising on price or performance."
-Vikas Bhatia, Head of Product for Azure Confidential Computing at Microsoft
Intel is collaborating with other device and accelerator vendors to ensure they support PCIe protocols that underpin Intel TDX Connect, allowing for the successful expansion of Intel TDX-based confidential computing capabilities for a variety of customer needs.
Intel TDX Connect is supported on Intel® Xeon® 6 processors, so we’ll be ready as the software and device ecosystem comes to fruition and opens up new possibilities in GPU-accelerated Confidential AI and other use cases.
Learn more about the business benefits of Intel® TDX as well as the Intel® Xeon® 6 processor family.
Notices and Disclaimers
Performance varies by use, configuration, and other factors. Learn more on the Performance Index site.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates. See backup for configuration details. No product or component can be absolutely secure.
Your costs and results may vary.
Intel technologies may require enabled hardware, software, or service activation.
© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.