Intel Powers New Azure Confidential Computing VMs

Confidential computing helps organizations meet their privacy and security needs.




On Nov. 2, Microsoft announced the public preview of its newest Azure Confidential Computing Virtual Machines (VMs), DCsv3, powered by the latest 3rd Gen Intel® Xeon® Scalable processors and Intel® Software Guard Extensions (Intel® SGX). Customers can now run even larger enterprise-class workloads across fewer VMs while better protecting data in use, harnessing transformational improvements such as a 1,500x enclave page cache (EPC) memory increase that allows trusted execution environments of up to 256GB memory to address the most memory-sensitive workloads.

Read the full announcement on Microsoft’s Azure news blog.

The newest DCsv3 instances are also equipped with Intel® Total Memory Encryption – Multi-Key (Intel® TME-MK), which encrypts all system memory and provides enhanced protection against a range of physical attacks. With Intel TME-MK, Azure can encrypt each VM’s memory space with a unique hardware-protected key, enabling greater protection and separation for each VM on the node. This additional capability requires no code modifications to the guest VMs software and is on by default.

Customers running containerized workloads can also help safeguard their sensitive data using Intel SGX, as Azure Confidential Computing VMs are available in Azure Kubernetes Service (AKS) as a worker node option.

In addition, Microsoft announced general availability of its latest general compute instances, DV5 and EV5, featuring 3rd Gen Intel® Xeon® Scalable processors that feature built-in AI and security features optimized for cloud, enterprise, high performance computing, 5G and intelligent edge applications. Built-in crypto acceleration features within the processor reduce the performance impact of pervasive encryption. Businesses can process up to 1.39x more online transactions and realize up to 1.27x faster time-to-insight for data warehouse workloads using Microsoft Azure VMs equipped with 3rd Gen Intel Xeon Scalable processors.

Safeguarding Data Privacy Unlocks Possibilities in Highly Regulated Industries

Customers around the globe are leveraging Azure Confidential Computing VMs powered by Intel Xeon Scalable processors and Intel SGX to help safeguard their data privacy including those in healthcare and financial services.

Leidos collaborated with Fortanix to create a service running on the new DCsv3 VM that aims to fast-track the clinical drug approval process — and, in turn, speed new drugs to market more quickly, safely and cost-effectively — by facilitating real-time sharing of critical real-world evidence while meeting stringent patient privacy and industry compliance regulations.

University of California, San Francisco (UCSF) joined forces with Fortanix, Intel and Microsoft to improve patient outcomes using its privacy-preserving analytics BeeKeeperAI platform, clearing data privacy obstacles to create broad datasets, and, in turn, advancing the development of reliable clinical algorithms. The BeeKeeperAI platform enables organizations to share data without ever relinquishing control of it, creating a “zero-trust” environment. The ability to create these broad data sets from various sources improves the potential of AI in clinical healthcare and helps address inequities and disparities in care.

Royal Bank of Canada introduced Virtual Clean Room (VCR), a privacy-preserving multiparty data-sharing and collective insight generation platform, to enhance customer experiences by providing them with real-time, personalized offers, while better protecting their data and confidentiality and keeping their information highly secure.

Additional Context:  Confidential Computing Consortium Announces Gramine 1.0, New Research from Everest Group │ 3rd Gen Intel Xeon Scalable Processors (Press Kit)

Intel Partner Stories: Intel Customer Spotlight on | Partner Stories on Intel Newsroom