UPDATED 15:35 EDT / FEBRUARY 27 2019

INFRA

Intel’s new SGX Card expands access to its secure enclave technology

Intel Corp. today introduced a new data center product aimed at expanding access to SGX, a technology for protecting sensitive workloads that’s currently available only on a limited subset of its chips.

SGX stands for Secure Guard Extensions. It’s a set of instruction codes programmed into Intel’s Xeon E server processors that can cordon off parts of a chip’s onboard memory, creating so-called secure enclaves inaccessible even to administrators. These enclaves enable applications to run sensitive code and data in isolation to provide an added layer of protection.

The newly introduced SGX Card (pictured) will take the technology beyond the Xeon E series. It’s a PCIe accelerator that companies can plug into their existing Xeon-based servers to run secure enclaves. This should remove the need for enterprises to wait until their next major upgrade cycle to implement the technology, which could speed up adoption.

The SGX Card isn’t a new offering per se, but rather a modified version of an existing product called Intel VCA. Intel originally developed the device to speed graphically intensive workloads such as virtual desktops. The chipmaker has disabled the graphic acceleration components and reoptimized the card’s three onboard Xeon E chips for secure enclaves.

Intel said a standard two-rack-unit Xeon server from its partners has room for four cards, meaning up to 12 SGX-enabled processors per machine. The product is intended to serve as a stopgap until the chipmaker adds native secure enclave support to more of its server chips with future product releases.

Intel sees the card being particularly useful for cloud customers. Raejeanne Skillern, the vice president of Intel’s data center group, revealed that several major providers are in the process of adopting SGX.

“Leading cloud providers are developing their plans to bring the Intel SGX Card into their infrastructure, utilizing abstraction layers to test and develop software in preparation to scale once Intel SGX is available natively on future Intel Xeon Scalable processors,” Skillern wrote in a blog post.

The SGX Card will start shipping later this year. Alongside the device, Intel plans to release the code for an internally developed security tool called HBFA that it also announced today.

The software will let device makers look for vulnerabilities in their firmware using a method known as unit testing, which involves individually assessing code components before they’re combined. According to Intel, this technique has historically been difficult to apply in firmware development.

Image: Intel

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.