We’re excited to announce the general availability of Azure’s next generation of confidential virtual machines, powered by 5th Gen Intel® Xeon® processors with Intel® Trust Domain Extensions (Intel® TDX). These new confidential VMs make it easier than ever for organizations to move their most sensitive workloads to the cloud—without requiring any application code changes. Available today for production deployments across both general-purpose (DCesv6, DCedsv6) and memory-optimized (ECesv6, ECedsv6) VM series, this release delivers a powerful combination of performance, scalability, and hardware-enforced security, enabling customers to innovate with confidence on Azure.
By combining hardware-enforced isolation, cryptographic attestation, and built-in support for Intel® Advanced Matrix Extensions (Intel® AMX), Intel® TDX confidential VMs allow Azure customers to accelerate confidential AI scenarios, protect models and weights, and even collaborate across organizations without exposing confidential data.
For Azure customers, this generation of Intel-based confidential VMs provides additional assurance for one of the last major barriers to cloud adoption for sensitive and high-value workloads. It allows organizations to take advantage of Azure’s global scale, elasticity, and rich ecosystem while helping to prevent unauthorized access to data in-use, even from the cloud operator. By combining hardware-enforced isolation and cryptographic attestation, customers can deploy sensitive and/or regulated workloads, protect intellectual property, and run confidential AI pipelines with greater assurance and fewer architectural compromises. The result is faster cloud adoption, simpler compliance, and accelerated innovation —without sacrificing control or security.
With Azure Intel® TDX confidential VMs, customers can:
- Protect data and models while in use with hardware-enforced isolation
- Achieve significantly lower latency and higher throughput with NVMe local storage
- Deploy existing applications without code changes
- Verify integrity and workload integrity through cryptographic attestation and open infrastructure components
- Run confidential AI workloads efficiently with Intel® AMX acceleration
As a first for Azure’s confidential VM offerings, we are adding support for local NVMe SSDs for our DCedsv6-series and ECedsv6-series. These sizes are suited for storage workloads that need a balance of SSD capacity, compute, and memory. With NVMe we can achieve nearly 5× more throughput while reducing latency by about 16% compared to the previous SCSI generation. Overall, we see lower IO latency by ~27 microseconds across block size and thread count.
This figure shows NVMe vs SCSI local disk performance ratio for IOPS to latency for random reads with 8K block size, queue depth of 1, and 1 thread.
This figure shows NVMe vs SCSI local disk performance for random reads with 8K block size and queue depth of 8 across various thread counts.
Additionally, these TDX confidential VMs are Azure confidential compute's first offering to utilize our open-source paravisor, OpenHCL. This innovation allows us to increase transparency and verifiability for our customers, reinforcing our commitment to the trust-but-verify principle for confidential computing. These VMs also support Azure Boost, enabling up to 205k IOPS and 4 GB/s throughput of remote storage along with 40 Gbps VM network bandwidth.
Customers are excited to use TDX based Confidential VMs
“At Bosch Trustworthy Collaboration Services, we’ve enrolled our collaboration platform on Azure’s latest Confidential VMs powered by Intel® 5th Generation Xeon® processors with TDX support. That means better transparency, stronger performance, and more robust verification: the foundation we need for cross-company teamwork. These improvements reinforce our capability to deliver best-in-class secure collaboration capabilities to our customers with our Trusted Collaboration Spaces.” - Dr. Sven Trieflinger, CTO Bosch Trustworthy Collaboration Services
“Ensuring data security across its entire lifecycle has always been a key priority for me. Until recently, encryption for data-in-use was the missing link, preventing true end-to-end protection managed by the customer. Through collaboration with Microsoft and Intel®, we have established a comprehensive ecosystem, called End-to-End Data Encryption. This ecosystem seamlessly unites data protection at rest, in transit, and now in use, thanks to the integration of Intel® TDX technology. The root of trust remains Thales CipherTrust Data Security Platform, enabling us to manage and safeguard our data with confidence. Of course, leveraging that technology for our own use significantly strengthens our cyber defenses. I would like to thank Microsoft for bringing this innovation to fruition.” - Didier Espinet, Chief Information Security Officer for Thales Cyber & Digital Identity
"In the public sector and other regulated industries, trust and fairness are paramount. By integrating Microsoft Azure confidential virtual machines with Intel® TDX and AMX technologies, Nuuday delivers a secure and compliant Confidential AI environment that upholds strict data sovereignty and privacy standards. These capabilities ensure sensitive information can be processed with verifiable confidentiality and integrity – while unlocking new opportunities for digital innovation." - John Henriksen, CEO, TDC Erhverv.
“Arqit is delighted to partner with Microsoft and Intel® on the launch of Azure’s latest Intel® TDX-enabled Confidential VMs. Together we have demonstrated a combination of security-enhancing technologies to deliver provable protection of sensitive AI workloads processed across multi-region public cloud. This partnership underlines our shared commitment to giving customers full sovereign control over their data even outside of their own networks, in turn accelerating AI adoption and digital transformation.” - Jonathan Pope, VP Sales & Partnerships
Offerings
The DCesv6-series and DCedsv6-series VMs are designed to offer a balance of memory to vCPU ratio, with up to 128 vCPUs, and up to 512 GiB of memory. The ECesv6-series and ECedsv6-series VMs are designed to offer an even higher memory to vCPU ratio, with up to 64 vCPUs, and 512 GiB of memory.
Availability
The DCesv6, DCedsv6, ECesv6 and ECedsv6 VMs with Intel® TDX are now generally available in West US and West US 3 regions. Customers can access these VMs through Azure Portal, Azure CLI, or Azure Powershell. We support Windows Server 2025, Ubuntu 22.04 and 24.04 guest OS versions.
We will continue to receive requests for preview in other available regions and intend to bring them to general availability soon.
Microsoft