Full Report
Editor’s note: As of September 2024, Confidential VM with Intel TDX is generally available on the general-purpose C3 machine series.

For organizations who want to bring and process their most sensitive compute workloads in the cloud without any code changes, we offer Confidential virtual machines (VMs) that leverage the latest hardware-based security technology. Through our partnership with Intel, we are extending our Confidential VMs to the new C3 machine series, which uses 4th Gen Intel Xeon Scalable CPUs and leverages Intel Trust Domain Extensions (Intel TDX) technology. Available now in private preview, these next-generation Confidential VMs expand Google’s Confidential Computing product portfolio to include different hardware vendors, giving customers more choice when it comes to cryptographically isolating their workloads from other VMs — and even the cloud provider itself.

“Our goal with Confidential Computing is to help organizations unlock the full value of their data assets, even if that data is sensitive or regulated,” said Anil Rao, VP & GM of Systems Architecture & Engineering at Intel. “Google Cloud’s latest C3 machine series with Intel TDX delivers the security and performance customers require for advanced analytics and AI solutions, while protecting their data and enhancing their privacy and compliance.”

How Confidential Computing can help secure data

Confidential Computing is the protection of data in use through hardware-based technologies. Confidential VMs are a type of Compute Engine VM that uses confidential computing to ensure data and applications stay private and encrypted even while in use. Customers can use Confidential VMs as part of their security strategy so that they do not expose their data or workloads during processing, all without any code changes to their applications. Customers are used to encrypting data at rest and data in transit to help maintain confidentiality and integrity; confidential computing enables customers to also encrypt data during runtime, providing additional protection.

Making Confidential VMs available on our latest general-purpose C3 machine series allows customers to seamlessly secure their workloads while enjoying the enterprise-grade performance and reliability of the 4th Gen Intel Xeon Scalable processor. The C3 machine series offers industry-leading price-performance and is suitable for a variety of workloads, including CPU-based AI and ML training and inference, high-traffic web, app and ad servers, databases, and data analytics.

Canonical, which develops Ubuntu, has been a longtime partner of Google Cloud on our Confidential Computing solutions. Canonical offers comprehensive support for Intel TDX within the Linux stack on Google Cloud, spanning from the kernel to firmware and accompanying tools. “Intel TDX represents a cutting-edge security feature designed to fortify sensitive workloads against a spectrum of potential threats,” said Hugo Huang, public cloud alliance director, Canonical. “In close collaboration with Google and Intel, the Canonical team ensures that Ubuntu delivers optimized support for the creation and management of virtual machines leveraging Intel TDX. This support empowers users to safeguard their data and applications against unauthorized access and tampering. Beyond the bolstered security, our Google users stand to benefit from enhanced performance and simplified operational intricacies.”

The C3 machine series uses Intel TDX as its confidential computing technology. Intel TDX aims to isolate VMs from the host and hypervisor and to protect VMs against a broad range of software and hardware attacks. Each VM is hardware-isolated into a “Trust Domain” (TD), which helps strengthen customers’ control of their data and IP. A key feature of Intel TDX is remote attestation, which gives customers the ability to verify that their VM is running with memory and CPU state confidentiality and integrity in a hardened environment.

At Google, we will continue to invest in privacy-preserving technologies like confidential computing to ensure that new security innovations are secure, easy to use, and easy to adopt. Earlier this year, Google’s Project Zero partnered with Intel to perform a full security audit of Intel TDX. The audit identified a handful of improvements, which Intel implemented before introducing the 4th Gen Xeon Scalable processor. Launching our first Intel-based confidential computing offering is just one of many milestones we’ll reach to deliver the industry’s most Trusted Cloud.

Get started with Confidential VMs with Intel TDX

Sign up for the private preview of Intel TDX on Confidential VMs today at this sign-up form, and view the announcement at this year’s Google Cloud Next.
Analysis Summary
# Industry News: Google Cloud and Intel Expand Confidential Computing with TDX
## Summary
Google Cloud has announced the general availability of Confidential Virtual Machines (VMs) on its general-purpose C3 machine series, powered by 4th Gen Intel Xeon Scalable processors. By leveraging Intel Trust Domain Extensions (TDX), this update enables organizations to encrypt data during runtime and isolate sensitive workloads from the host and hypervisor without requiring code changes.
## Key Details
- **Date:** September 2024 (General Availability); originally announced September 2023.
- **Companies Involved:** Google Cloud, Intel, Canonical (Ubuntu).
- **Category:** Product Launch / Strategic Partnership.
## The Story
Building on their long-term partnership, Google and Intel have integrated Intel Trust Domain Extensions (TDX) into Google Cloud’s C3 machine instances. Confidential Computing addresses the "final frontier" of data security: data in-use. While encryption for data-at-rest and data-in-transit is standard, data-in-use has historically been vulnerable during processing.
Intel TDX creates a hardware-isolated "Trust Domain" (TD) for each VM, effectively shielding it from the underlying cloud provider, hypervisor, and other VMs on the same host. This launch is notable for its emphasis on "frictionless adoption," allowing enterprises to migrate sensitive workloads—including AI/ML training and data analytics—into a secure environment without rewriting application code. Furthermore, Google’s Project Zero conducted a proactive security audit of the TDX architecture prior to launch to ensure hardware-level resilience.
## Business Impact
### For the Companies Involved
- **Google Cloud:** Diversifies its hardware portfolio. By adding Intel to its existing AMD-based confidential offerings, Google provides customers with vendor choice, reducing lock-in and potentially capturing more regulated industry market share.
- **Intel:** Reaffirms its relevance in the high-end cloud security market. The 4th Gen Xeon processors gain a high-profile validation through Google’s "Trusted Cloud" initiative.
### For Competitors
- **Cloud Providers (Azure/AWS):** Increases the pressure on other hyperscalers to offer equivalent, seamless hardware-based isolation across diverse CPU architectures.
- **Hardware Rivals:** While AMD has led in this space with SEV-SNP, Intel’s entry into Google’s confidential fleet creates a more competitive environment for hardware-level security features.
### For Customers
- **Enterprises:** Can now move highly regulated or proprietary workloads (such as financial models or healthcare records) to the cloud with higher assurance.
- **Developers:** Benefit from "lift-and-shift" security, providing protection-in-use without the specialized development costs typically associated with TEEs (Trusted Execution Environments).
### For the Market
- **Standardization:** The collaboration with Canonical (Ubuntu) suggests a push toward making Confidential Computing a standard, out-of-the-box feature for Linux-based cloud infrastructure rather than a niche "add-on."
## Technical Implications
- **Intel TDX:** Introduces hardware-isolated domains that remove the host and hypervisor from the guest's Trusted Computing Base (TCB).
- **Remote Attestation:** Allows users to cryptographically verify the integrity of the VM’s memory and CPU state before deploying sensitive data.
- **Performance:** C3 VMs aim to offset the overhead usually associated with memory encryption with the performance of the 4th Gen Intel Xeon architecture.
## Strategic Analysis
- **Market Positioning:** Google is positioning itself as the "Most Trusted Cloud," specifically targeting the sovereignty and privacy needs of global enterprises and government agencies.
- **Competitive Advantage:** Vendor neutrality (offering both AMD and Intel solutions) allows Google to serve a wider array of enterprise hardware preferences.
- **Challenges:** The complexity of hardware-level vulnerabilities (e.g., side-channel attacks) remains a persistent concern, hence the emphasis on the Project Zero audit.
## Industry Reactions
- **Canonical:** Stated that the collaboration ensures Ubuntu is optimized for TDX, simplifying the operational complexities of managing secure VMs.
- **Intel (Anil Rao):** Highlighted that this move is specifically aimed at unlocking the value of sensitive data assets for advanced AI and analytics.
## Future Outlook
- **AI Dominance:** Expect Confidential Computing to become the default requirement for organizations running proprietary LLMs or fine-tuning models on sensitive private data.
- **Wider Adoption:** As performance hits decrease, "Confidential by Default" may eventually replace standard VM instances for enterprise-grade cloud services.
## For Security Professionals
Cybersecurity practitioners should view this as a significant tool for "Zero Trust" architectures. It effectively moves the trust boundary from the cloud provider's staff and software stack to the physical silicon. Chief Information Security Officers (CISOs) in regulated fields should evaluate the **Remote Attestation** features as a means to satisfy compliance requirements for data sovereignty and privacy.