UPDATED 15:35 EDT / FEBRUARY 27 2019

Intel’s new SGX Card expands access to its secure enclave technology

Intel Corp. today introduced a new data center product aimed at expanding access to SGX, a technology for protecting sensitive workloads that’s currently available only on a limited subset of its chips.

SGX stands for Software Guard Extensions. It’s a set of instructions built into Intel’s Xeon E server processors that can cordon off parts of a chip’s onboard memory, creating so-called secure enclaves inaccessible even to administrators. These enclaves enable applications to run sensitive code and data in isolation to provide an added layer of protection.

The newly introduced SGX Card will take the technology beyond the Xeon E series. It’s a PCIe accelerator that companies can plug into their existing Xeon-based servers to run secure enclaves. This should remove the need for enterprises to wait until their next major upgrade cycle to implement the technology, which could speed up adoption.

The SGX Card isn’t a new offering per se, but rather a modified version of an existing product called Intel VCA. Intel originally developed the device to speed up graphics-intensive workloads such as virtual desktops. The chipmaker has disabled the graphics acceleration components and reoptimized the card’s three onboard Xeon E chips for secure enclaves.

Intel said a standard two-rack-unit Xeon server from its partners has room for four cards, meaning up to 12 SGX-enabled processors per machine. The product is intended to serve as a stopgap until the chipmaker adds native secure enclave support to more of its server chips with future product releases.

Intel sees the card being particularly useful for cloud customers. Raejeanne Skillern, the vice president of Intel’s data center group, revealed that several major providers are in the process of adopting SGX.

“Leading cloud providers are developing their plans to bring the Intel SGX Card into their infrastructure, utilizing abstraction layers to test and develop software in preparation to scale once Intel SGX is available natively on future Intel Xeon Scalable processors,” Skillern wrote in a blog post.

The SGX Card will start shipping later this year. Alongside the device, Intel plans to release the code for an internally developed security tool called HBFA that it also announced today.

The software will let device makers look for vulnerabilities in their firmware using a method known as unit testing, which involves individually assessing code components before they’re combined. According to Intel, this technique has historically been difficult to apply in firmware development.
