Expanded Confidential Computing portfolio and introducing Confidential Accelerators for AI workloads
Sam Lugani
Product Lead, Confidential Computing & Confidential AI
Nelly Porter
Director, Product Management, Google Cloud
Editor’s note: As of June 2024, Confidential VM with AMD SEV-SNP is generally available on the general purpose N2D machine series. As of September 2024, Confidential VM with Intel TDX and Intel AMX is generally available on the general purpose C3 machine series. As of October 2024, Confidential VM with NVIDIA H100 GPU is in preview on the accelerator-optimized A3 machine series.
Confidential Computing can help organizations process sensitive data in the cloud with strong guarantees around confidentiality. We’ve continued to make strides in maturing this important technology, and are collaborating with industry leaders including Intel, AMD, and NVIDIA on advancing Confidential Computing solutions.
Today at Google Cloud Next, we are excited to announce advancements in our Confidential Computing solutions that expand hardware options, add support for data migrations, and further broaden the partnerships that have helped establish Confidential Computing as a vital solution for data security and confidentiality.
Confidential VMs with Intel TDX and built-in accelerator with AMX
We are excited to unveil the preview of Intel Trust Domain Extensions (TDX) for Confidential Computing. Intel TDX offers a new level of hardware-based confidentiality, integrity, and isolation for virtual machines, offering enhanced protection for your most sensitive data and applications.
“Intel’s collaboration with Google Cloud on Confidential Computing helps organizations strengthen their data privacy, workload security and compliance in the cloud, especially with sensitive or regulated data,” said Anand Pashupathy, vice president and general manager, security software and services division, Intel. “Google Cloud’s new C3 instances and Confidential Spaces solution enable organizations to easily port their workloads to a confidential environment and collaborate with partners on joint analyses while keeping their data private.”
Confidential VMs on the new C3 virtual machine series use 4th Gen Intel Xeon Scalable CPUs and leverage Intel Trust Domain Extensions (Intel TDX) technology. They work with Intel AMX, a new built-in accelerator that helps improve the performance of deep-learning training and inference on the CPU. They’re also ideal for workloads like natural-language processing, recommendation systems, and image recognition.
Our customers can now explore the benefits of Confidential Computing on Intel TDX and AMX and provide feedback as we continue to refine this groundbreaking technology.
“Utilizing Google Cloud's C3 VMs equipped with Intel TDX has empowered Edgeless Systems to further enhance our Constellation and Contrast solutions. The inclusion of Intel TDX now offers our customers greater choice and flexibility, ensuring they have access to the latest in Confidential Computing hardware options,” said Moritz Eckert, chief architect, Edgeless Systems.
Confidential VMs on N2D machine series with AMD SEV-SNP in preview
Confidential VMs on general purpose N2D machine series with AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) are also now in preview. AMD SEV-SNP is the latest Confidential Computing technology from AMD. It builds upon AMD SEV and its security features of data and memory confidentiality, and adds strong memory integrity protection to help prevent malicious hypervisor-based attacks like data replay, memory remapping, and others. Confidential VMs with AMD SEV-SNP technology can help keep your most sensitive data protected end to end in the cloud with remote attestation.
Live migration support for Confidential VMs now generally available
Live Migration for Confidential VMs can allow customers to use Confidential Computing technology with their long-lived workloads. It can minimize downtime from host maintenance events while preserving in-use protection. Live Migration on Confidential VMs is now in general availability on N2D machine series across all regions.
Introducing Confidential VMs with NVIDIA H100 Tensor Core GPUs for AI Workloads
Expanding our capabilities for secure computation, we're excited to unveil Confidential VMs on the A3 machine series with NVIDIA Tensor Core H100 GPUs. This offering extends hardware-based data and model protection with confidentiality, integrity, and isolation from the CPU to GPUs, enabling accelerated workloads critical to AI, machine learning, and scientific simulations. NVIDIA Confidential Computing on H100 GPUs allows customers to secure data while in use and protect their most valuable AI workloads while accessing the power of GPU-accelerated computing. It provides the additional advantage of performant GPUs to protect their most valuable workloads, so customers no longer have to choose between security and performance: with NVIDIA and Google, they can have the benefit of both.
Confidential VMs on A3 VMs offer NVIDIA H100 GPUs with NVIDIA HGX Protected PCIe, which can help ensure that sensitive code, AI models, and data remain protected even during compute-intensive operations. Accelerator-optimized A3 machine series with NVIDIA H100 GPUs will offer Confidential VMs in private preview later this year.
“The Confidential VM A3 powered by NVIDIA HGX H100 with Protected PCIe will help power a new era of business innovation driven by generative AI insights in the most performant and secure way.”—Daniel Rohrer, Vice President of Product Security at NVIDIA
Establishing key partnerships
We remain committed to fostering a collaborative ecosystem for Confidential Computing. We've expanded our partnerships with leading industry organizations, including chipmakers, cloud providers, and software vendors. These collaborations are instrumental in accelerating the development and adoption of Confidential Computing solutions, ultimately benefiting the entire cloud security landscape.
“As more enterprises migrate their data and workloads to the cloud, there is an increasing demand to safeguard the privacy and integrity of data, especially sensitive workloads, intellectual property, AI models and information of value. This collaboration enables enterprises to protect and control their data at rest, in transit and in use with fully verifiable attestation. Our close collaboration with Google Cloud and Intel increases our customers' trust in their cloud migration,” said Todd Moore, vice president, data security products, Thales.
By continuously innovating and collaborating, we're committed to making Confidential Computing the cornerstone of a secure and thriving cloud ecosystem. We invite you to explore our latest offerings and embark on your journey towards a future of secure and confidential cloud computing.