VMware just announced that vSphere 7 Update 1 will add support for AMD SEV-ES encryption!
Find out what this means for enterprise security, and the future of AMD EPYC processors!
AMD SEV-ES Encryption : What Is It?
SEV-ES, short for Secure Encrypted Virtualization-Encrypted State, is a hardware-accelerated encryption capability in AMD EPYC processors.
Leveraging both the AMD Secure Processor and the AES-128 encryption engine built into every AMD EPYC processor, SEV-ES encrypts all CPU register contents when a virtual machine stops running.
This prevents the leakage of information from the CPU registers to components like the hypervisor. It can even detect malicious modifications to a CPU register state.
VMware vSphere 7 Now Supports AMD SEV-ES Encryption!
VMware vSphere 7 Update 1 adds support for both AMD SEV-ES and AMD EPYC processors.
The AMD Secure Processor in the first-generation EPYC processors can handle up to 15 encryption keys.
That increases to more than 500 encryption keys with the second-generation EPYC processors.
ESXi has many layers of isolation within its virtualised infrastructure, but all of that is implemented in software. They still require a level of trust in the hardware, which is where AMD SEV-ES comes in.
A guest operating system that supports SEV can ask the AMD Secure Processor to issue it an encryption key, for full in-memory, in-hardware encryption.
SEV-ES extends that protection to CPU registers, so that the data inside the CPU itself is encrypted. This protects the data from being read or modified when the virtual machine stops running.
Even a compromised hypervisor that accesses the register data cannot make use of it, because it is now encrypted.
Needless to say, adding support for AMD SEV-ES in vSphere 7 will spur the uptake of AMD EPYC processors in the datacenter.
Recommended Reading
- How Hackers Attack Healthcare During COVID-19 Pandemic!
- Hitachi Vantara : 2020 HCI Portfolio Updates Revealed!
- Kashi Mining Company : Fake Procurement Scam Alert!
- HUAWEI 5G Aces GSMA NESAS Security Audit : The Impact?
- INTERPOL : Alarming Rate Of COVID-19 Cyberattacks!
- AMD Athlon Gold 3150C + Athlon Silver 3050C Revealed!
- Ryzen 7 3700C | Ryzen 5 3500C | Ryzen 3 3250C Revealed!
- 11th Gen Intel Core (Tiger Lake) : What You Need To Know!
- AMD Ryzen PRO 4000 Desktop APUs : All You Need To Know!
- AMD Athlon PRO 3000 Desktop APUs : All You Need To Know!
- AMD Ryzen PRO 4000 Desktop APUs : All You Need To Know!
- AMD Athlon 3000 G-Series with Radeon Graphics Revealed!
- Google Cloud Confidential VM With 2nd Gen AMD EPYC!
- AMD Ryzen Threadripper PRO 3000 Series : Full Details!
- Lenovo ThinkStation P620 : Threadripper PRO Workstation!
- AMD Ryzen 5 3600XT In-Depth Review : Seriously?
- AMD Ryzen XT CPUs : Not Turbocharged But Has Free Game!
- AMD 25×20 Initiative : Goals FAR Exceeded!
- 2020 Lenovo ThinkPad E15 (AMD Ryzen) : First Look!
- 2020 Lenovo ThinkPad E14 (AMD Ryzen) : First Look!
- AMD EPYC : Four Supercomputers In Top 50, Ten In Top 500!
- Amazon EC2 C5a Now Runs On 2nd Gen AMD EPYC!
- Fact Check : AMD Ryzen 4000 Will Use 5nm TSMC Process?
- AMD Ryzen 4000 Mobile : Major Consumer Kick-Off In 2020!
- AMD Ryzen 3 3300X Review : Quite The Bargain @ $120!
- AMD Ryzen 3 3100 Review : A Steal At Just $99!
- AMD Ryzen 3 3300X vs Ryzen 3 3100 Comparison
- AMD B550 Chipset : What You Need To Know!
- Did AMD Just Spank ASUS For ROG Overheating Fiasco?
- Why ASUS Cannot Blame AMD For Overheating ROG Cards
- ASUS TUF RX 5700 Cards Are Also Overheating, Remember?
Go Back To > Enterprise IT | Cybersecurity | Home
Support Tech ARP!
If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!