Intel® SGX (Software Guard Extensions) offers hardware-based memory encryption for isolating specific application code and data in memory and Lanner today announced the availability of its first SGX-enabled hardware solution, the NCA-5220.
Intel® SGX ensures data protection during runtime so that even the most sensitive applications can be executed with privacy. This is achieved by having the data-in-use contained, secured and encrypted as enclaves, a.k.a. non-addressable memory pages/regions, that are created and reserved from the system’s physical RAM.
In other words, data are kept encrypted and secured while general-purpose computation on the said encrypted data is still allowed but eavesdropping attempts from cloud providers, untrusted operating systems, system administrators/root users, government subpoena and network hackers are prevented, even when/if the OS and BIOS are already compromised.
Lanner’s first SGX-enabled appliance, the NCA-5220, is a 1U rackmount network appliance powered by Intel® Xeon® E/Core™ i7/i5/i3/Pentium®/Celeron® and Intel® C246 chipset (codenamed Coffee Lake); it comes with generous and flexible configurations for LAN ports, NIC expansion, storage and management, delivering advanced networking prowess for network traffic security, cloud computing and data centers.
Lanner’s support and service for Intel® SGX includes platform installation, driver success/fail testing and functions verification using Intel sample tool. The requirements for Intel® SGX support include SGX-enabled BIOS, capable CPUs and compatible platform (specifically, the E3-V8 and 6th Gen Core CPU, Coffee Lake), the availability/installation of Intel® SGX Platform Software or PSW.
1U Rackmount Network Appliance for Network Traffic Security, Cloud Computing and Data Centers