Intel’s new SGX Card expands access to its secure enclave technology
Intel Corp. today introduced a new data center product aimed at expanding access to SGX, a technology for protecting sensitive workloads that’s currently available only on a limited subset of its chips.
SGX stands for Secure Guard Extensions. It’s a set of instruction codes programmed into Intel’s Xeon E server processors that can cordon off parts of a chip’s onboard memory, creating so-called secure enclaves inaccessible even to administrators. These enclaves enable applications to run sensitive code and data in isolation to provide an added layer of protection.
The newly introduced SGX Card will take the technology beyond the Xeon E series. It’s a PCIe accelerator that companies can plug into their existing Xeon-based servers to run secure enclaves. This should remove the need for enterprises to wait until their next major upgrade cycle to implement the technology, which could speed up adoption.
The SGX Card isn’t a new offering per se, but rather a modified version of an existing product called Intel VCA. Intel originally developed the device to speed up graphics-intensive workloads such as virtual desktops. The chipmaker has disabled the graphics acceleration components and reoptimized the card’s three onboard Xeon E chips for secure enclaves.
Intel said a standard two-rack-unit Xeon server from its partners has room for four cards, meaning up to 12 SGX-enabled processors per machine. The product is intended to serve as a stopgap until the chipmaker adds native secure enclave support to more of its server chips with future product releases.
Intel sees the card being particularly useful for cloud customers. Raejeanne Skillern, the vice president of Intel’s data center group, revealed that several major providers are in the process of adopting SGX.
“Leading cloud providers are developing their plans to bring the Intel SGX Card into their infrastructure, utilizing abstraction layers to test and develop software in preparation to scale once Intel SGX is available natively on future Intel Xeon Scalable processors,” Skillern wrote in a blog post.
The SGX Card will start shipping later this year. Alongside the device, Intel plans to release the code for an internally developed security tool called HBFA that it also announced today.
The software will let device makers look for vulnerabilities in their firmware using a method known as unit testing, which involves individually assessing code components before they’re combined. According to Intel, this technique has historically been difficult to apply in firmware development.