Microsoft Azure, Intel Team for
April 27, 2020
Microsoft Azure DCsv2-Series
featuring a hardware-based trusted execution environment (TEE) built on
Intel® Software Guard Extensions was released for general availability.
Built on Intel’s trusted foundation, the Azure DCsv2-Series makes
confidential computing broadly available to enterprise customers who
want to leverage cloud computing while helping to keep sensitive
Anil Rao, Intel vice president, Data Center Security and Systems
Architecture said, “Customers demand the capability to reduce the attack
surface and help protect sensitive data in the cloud by encrypting data
in use. Our collaboration with Microsoft brings enterprise-ready
confidential computing solutions to market and enables customers to take
greater advantage of the benefits of cloud and multiparty compute
paradigms using Intel SGX technology.”
Combined with encrypted data storage and transmission methods, TEEs can
create an end-to-end protection architecture for sensitive data, such as
typically regulated data in financial services and healthcare. Microsoft
Azure is the first public cloud provider to offer broad virtualization
services using hardware-optimized TEEs as encryption mechanisms to help
protect customer data while in use. It allows data to be processed in
the cloud while offering even greater control over security and privacy.
Backed by Intel SGX, Azure confidential computing virtual machines run
code and data in isolation from the operating system, hypervisor or
virtual machine manager, and other privileged processes.
SGX is available today on Intel® Xeon® processor E-2100 family, and the
company is working to scale Intel SGX across our mainstream Xeon
platforms in upcoming generations. As announced in February, Intel is
continuing to extend Intel SGX with larger enclaves, extended
protections to offload accelerators, and improved performance. These
improvements will further expand the number of usages able to leverage
these advanced application isolation capabilities.
What’s Next: Intel and Microsoft empower customers to execute their data
in a more secure and private cloud environment. As two of the founding
members of the Confidential Computing Consortium, both companies are
committed to collaborating with the industry to deliver a more secure
computing infrastructure today and in the future.