GA: DCasv6 and ECasv6 confidential VMs based on 4th Generation AMD EPYC™ processors
Today, Azure has expanded its confidential computing offerings with the general availability of the DCasv6 and ECasv6 confidential VM series in regions Korea Central, South Africa North, Switzerland North, UAE North, UK South, West Central US. These VMs are powered by 4th generation AMD EPYC™ processors and feature advanced Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) technology. These confidential VMs offer: Hardware-rooted attestation Memory encryption in multi-tenant environments Enhanced data confidentiality Protection against cloud operators, administrators, and insider threats You can get started today by creating confidential VMs in the Azure portal as explained here. Highlights: 4th generation AMD EPYC processors with SEV-SNP 25% performance improvement over previous generation Ability to rotate keys online AES-256 memory encryption enabled by default Up to 96 vCPUs and 672 GiB RAM for demanding workloads Streamlined Security Organizations in certain regulated industries and sovereign customers migrating to Microsoft Azure need strict security and compliance across all layers of the stack. With Azure Confidential VMs, organizations can ensure the integrity of the boot sequence and the OS kernel while helping administrators safeguard sensitive data against advanced and persistent threats. The DCasv6 and ECasv6 family of confidential VMs support online key rotation to give organizations the ability to dynamically adapt their defenses to rapidly evolving threats. Additionally, these new VMs include AES-256 memory encryption as a default feature. Customers have the option to use Virtualization-Based Security (VBS) in Windows, which is currently in preview to protect private keys from exfiltration via the Guest OS or applications. With VBS enabled, keys are isolated within a secure process, allowing key operations to be carried out without exposing them outside this environment. Faster Performance In addition to the newly announced security upgrades, the new DCasv6 and ECasv6 family of confidential VMs have demonstrated up to 25% improvement in various benchmarks compared to our previous generation of confidential VMs powered by AMD. Organizations that need to run complex workflows like combining multiple private data sets to perform joint analysis, medical research or Confidential AI services can use these new VMs to accelerate their sensitive workload faster than ever before. "While we began our journey with v5 confidential VMs, now we’re seeing noticeable performance improvements with the new v6 confidential VMs based on 4th Gen AMD EPYC “Genoa” processors. These latest confidential VMs are being rolled out across many Azure regions worldwide, including the UAE. So as v6 becomes available in more regions, we can deploy AMD based confidential computing wherever we need, with the same consistency and higher performance." — Mohammed Retmi, Vice President - Sovereign Public Cloud, at Core42, a G42 company. "KT is leveraging Azure confidential computing to secure sensitive and regulated data from its telco business in the cloud. With new V6 CVM offerings in Korea Central Region, KT extends its use to help Korean customers with enhanced security requirements, including regulated industries, benefit from the highest data protection as well as the fastest performance by the latest AMD SEV-SNP technology through its Secure Public Cloud built with Azure confidential computing." — Woojin Jung, EVP, KT Corporation Kubernetes support Deploy resilient, globally available applications on confidential VMs with our managed Kubernetes experience - Azure Kubernetes Service (AKS). AKS now supports the new DCasv6 and ECasv6 family of confidential VMs, enabling organizations to easily deploy, scale and manage confidential Kubernetes clusters on Azure, streamlining developer workflows and reducing manual tasks with integrated continuous integration and continuous delivery (CI/CD) pipelines. AKS brings integrated monitoring and logging to confidential VM node pools with in-depth performance and health insights, the clusters and containerized applications. Azure Linux 3.0 and Ubuntu 24.04 support are now in preview. AKS integration in this generation of confidential VMs also brings support for Azure Linux 3.0, that contains the most essential packages to be resource efficient and contains a secure, hardened Linux kernel specifically tuned for Azure cloud deployments. Ubuntu 24.04 clusters are also supported in addition to Azure Linux 3.0. Organizations wanting to ease the orchestration issues associated with deploying, scaling and managing hundreds of confidential VM node pools can now choose from either of these two for their node pools. General purpose & Memory-intensive workloads Featuring general purpose optimized memory-to-vCPU ratios and support for up to 96 vCPUs and 384 GiB RAM, the DCasv6-series delivers enterprise-grade performance. The DCasv6-series enables organizations to run sensitive workloads with hardware-based security guarantees, making them ideal for applications processing regulated or confidential data. For more memory demanding workloads that exceed even the capabilities of the DCasv6 series, the new ECasv6-series offer high memory-to-vCPU ratios with increased scalability up to 96 vCPUs and 672 GiB of RAM, nearly doubling the memory capacity of DCasv6. You can get started today by creating confidential VMs in the Azure portal as explained here. Additional Resources: Quickstart: Create confidential VM with Azure portal Quickstart: Create confidential VM with ARM template Azure confidential virtual machines FAQAzure Confidential VMs help keep BMW Group’s identities and passwords protected while in use
Evolving identity and access management for the cloud Security, performance, and reliability are the guiding principles behind Microsoft's identity and access management solutions. These solutions empower organizations to maintain their competitive edge by leveraging technology effectively. With Microsoft's robust cloud infrastructure, customer business teams, plant workers, and external vendors can manage huge workloads independently and around the clock. Collaborative success is facilitated, ensuring timely results and efficient release cycles, helping businesses like the BMW Group stay at the forefront of their markets. Before it can achieve results or make a measurable impact, the BMW Group must give every employee, including independent workers, highly safe and secure access to company systems and devices. It’s for that reason the whole company couldn’t function without identity management authentication. If employees can’t securely sign in to their systems and workstations, all work comes to a halt. Microsoft's identity and access management solutions play a crucial role in enhancing security, efficiency, and user experience across various industries. For the BMW Group specifically, conversations about identity systems are occurring against a backdrop of organization-wide modernization. The company chose to move to the cloud early on so it could unlock more opportunities for on-demand flexibility, scalability, and fast access to technological innovations, especially new and advanced security features. As the BMW Group started to migrate its IT estate to Microsoft Azure, it also wanted a more secure platform for its on-premises Microsoft Active Directory environment and domain controllers. The group has some older applications that require Active Directory identification and access services but aren’t yet compatible with next-generation, cloud-native Microsoft Entra ID protection. Some of these IT systems, servers, and applications are also old, difficult, and expensive to replace but essential to support onsite business or are standard in the automotive industry, such as the hardware and software components built into plant machinery used for car production. Use of this machinery can extend beyond 30 years. Given the dependencies, the BMW Group focuses more on building a foundation to boost reliability and stability for its production processes than integrating them with a modern authentication system. In response, the BMW Group wanted to use its on-premises Active Directory licenses to migrate existing Active Directory servers and domain controllers to Azure while actively protecting data and storage resources, the privacy of data in server memory, and its overall operations. Maintaining critical infrastructure with confidential virtual machines on Azure Considering the criticality and sensitivity of its services, the BMW Group was interested in evaluating confidential computing, a technology that helps protect highly sensitive data that is in use in server memory. When the BMW Group started to look at confidential computing, Microsoft was the only vendor offering a generally available confidential computing platform for the BMW Group to bring their Active Directory domain controllers to the cloud: the Azure DCasv5 confidential virtual machines (VMs) using 3rd generation AMD EPYC™ processors. This technology allowed them to do the migration without changing any code. BMW Group IT specialists decided to start with confidential VMs running Active Directory services as a tier 0 workload in Azure to tighten security and put those servers on a future-proven track for how to continue operating Active Directory for the next 5–10 years. As it started using confidential VMs, the BMW Group appreciated being able to eliminate several potential attack paths as it used domain controllers in a public cloud environment for the first time. Without confidential computing, the datacenter operator, host operator, and VM host operator could have been able to access company systems and the Active Directory database. On top of the added security benefits moving forward, the BMW Group IT specialists also remarked that performance for workloads and applications didn’t suffer running on the AMD based confidential VMs, which greatly reduced worries about potential lapses in availability while making the switch. The group’s Azure DCasv5 confidential VMs using 3rd generation AMD EPYC™ processors have quickly become the center of its architecture and the main component for its domain controllers. Staying within the Microsoft ecosystem for daily identity administration, its privileged access workstation relies on Intune, Azure Bastion, Azure Key Vault, Azure Key Vault Managed HSM, and other Microsoft Security services. Additionally, many of its modern applications that don’t require earlier Active Directory support are onboarded directly to Entra ID. Changing attitudes, adopting a Zero Trust security model, and measuring success Many organizations recognize that security and identity and access management are two pieces of the same puzzle, each with an essential role in their organization’s operations. The BMW Group’s staff have helped build a castle, strengthening security from the outside in, and any activity within the network is on the secure side. Now, they are moving to a Zero Trust framework, which removes any implicit trust and requires each component, supplier, and authentication process to be thoroughly assessed and validated before being granted access. From this internal perspective, the main challenge is to upskill everybody in their team. It’s a completely different way to deploy infrastructure, which is now mainly done by code instead of requesting and installing a physical server. But the result for BMW Group customers is an almost invisible benefit that’s extremely meaningful. It was key not to have any downtime or business impacts, and company staff successfully and seamlessly deployed services for customers with the first bunch of domain controllers running on Azure, without those customers noticing or having to worry about where services were coming from. The group’s main measure of success is getting rid of all its on-premises components, including all on-premises servers and many supporting systems previously needed to offer and support BMW Group services. In doing so, the BMW Group will have all of its systems needed for Active Directory operation hosted on Azure. Achieving security goals and sharing cloud experiences across the business The BMW Group’s new highly secure architecture and DCasv5 confidential VMs touch every part of the business across the full life cycle of identities and are used by internal and external employees, large and strategic partners, and joint venture partners. Boosting security and safeguarding its platform were the company’s main goals and are now its main benefits. The BMW Group is heavily reducing its risk, with the main goal of making it very difficult for an attacker to get into its systems. Microsoft's geographically widespread Azure datacenters enhance businesses' ability to support local branches and plants, increasing service availability and distribution around the globe. Planned IT projects at the BMW Group include transitioning to DCasv6 VMs, the newest confidential VMs on Azure using 4th generation AMD EPYC processors, which will bring with them a 30% performance increase over what the company has already gained. IT specialists are also installing Windows Hello for Business on all client devices within the group, letting employees sign in and authenticate themselves using biometrics. With continued success moving its sensitive workloads to Azure, the BMW Group plans to share its experiences with other teams across the organization. It also wants to bring the benefits of its architecture to other core systems that have high demand for identity and access protection, with everything it’s done so far showing what’s possible for the future. Discover more about BMW Group on Facebook, Instagram, LinkedIn, X/Twitter, and YouTube.Preview of Azure Confidential Clean Rooms for secure multiparty data collaboration
Today, we are excited to announce the preview of Azure Confidential Clean Rooms, a cutting-edge solution designed for organizations that require secure multi-party data collaboration. With Confidential Clean Rooms, you can share privacy sensitive data such as personally identifiable information (PII), protected health information (PHI) and cryptographic secrets confidently, thanks to robust trust guarantees that help ensure that your data remains protected throughout its lifecycle from other collaborators and from Azure operators. This secure data sharing is powered by confidential computing, which helps protect data in-use by performing computations in hardware-based, attested Trusted Execution Environments (TEEs). These TEEs help prevent unauthorized access or modification of application code and data during use. Organizations across industries need to perform multi-party data collaboration with business partners, outside organizations, and even within company silos to improve business outcomes and bolster innovation. Confidential Clean Rooms help derive true value from such collaborations by enabling granular and private data to be shared while providing safeguards on data exfiltration hence protecting the intellectual property of the organization and the privacy of its customers and addressing concerns around regulatory compliance. Whether you’re a data scientist looking to securely fine-tune your ML model with sensitive data from other organizations, or a data analyst wanting to perform secure analytics on joint data with your partner organizations, Confidential Clean Rooms will help you achieve the desired results. You can sign up for the preview here Key Features Secure Collaboration and Governance: Allows collaborators to create tamper-resistant contracts that contain the constraints which will be enforced by the clean room. Governance verifies validity of those constraints before allowing data to be released into clean rooms and helps generate tamper-resistant audit trails. This is made possible with the help of an implementation of the Confidential Consortium Framework CCF). Enhanced Data Privacy: Provides a sandboxed execution environment which allows only authorized workloads to execute and prevents any unauthorized network or IO operations from within the clean room. This helps keep your data secure throughout the workload execution. This is possible with the help of deploying clean rooms in confidential containers on Azure Container Instances (ACI) which provides container group level integrity with runtime enforcement of the same. Verifiable trust at each step with the help of cryptographic remote attestation forms the cornerstone of Confidential Clean Rooms. Salient Use Cases Azure Confidential Clean Rooms caters to use cases spanning multiple industries. Healthcare: For fine-tuning and inferencing with predictive healthcare machine-learning (ML) models and for joint data analysis for advancing pharmaceutical research. This can help protect the privacy of patients and intellectual property of organizations while demonstrating regulatory compliance. Finance: For financial fraud detection through analysis of combined data across banks and other financial institutions and for providing personalized offers to customers through secure analysis of transaction data and purchase data in retail outlets Media and Advertising: For improving marketing campaign effectiveness by combining data across advertisers, ad-techs, publishers and measurement firms for audience targeting and attribution and measurement Retail: For enhanced personalized marketing and improved inventory and supply chain management Government and Public Sector Organizations: For analysis of high security data across multiple government and public sector organizations to streamline benefits for citizens Customer Testimonials We are already partnering with several organizations to accelerate their secure multi-party collaboration journey with confidential clean rooms. Confidential computing in healthcare allows secure data processing within isolated environments, called 'clean rooms', protecting sensitive patient data during AI model development, validation and deployment. Apollo Hospitals uses Azure Confidential Clean Rooms to enhance data privacy, encrypt data, and securely train AI models. The benefits include secure collaboration, anonymized patient privacy, intellectual property protection, and enhanced cybersecurity. Apollo’s pilot with Confidential Clean Rooms showed promising results, and future efforts aim to scale secure AI solutions, ensuring patient safety, privacy, and compliance as the healthcare industry advances technologically. - Dr. Sujoy Kar, Chief Medical Information Officer and Vice President, Apollo Hospitals Azure Confidential Clean Rooms is a game changer to make collaborations on sensitive data both seamless and secure. When combined with Sarus, any data processing job is automatically analyzed using the most advanced privacy technology. Once validated, they are processed securely in Confidential Clean Rooms protecting both the privacy of data and the confidentiality of the analysis itself. This eliminates administrative overheads and makes it very easy to build advanced data processing pipelines. With our partner EY, we're already leveraging it to help international banks improve AML practices without compromising privacy. - Maxime Agostini, CEO & Cofounder of Sarus Read here to learn more about how Sarus is using Confidential Clean Rooms. As co-leaders on this Data Consortium Pilot, we are thrilled to be working with industry partners, Sarus and Microsoft, to drive this initiative forward. By combining Sarus’ privacy preserving technologies and Microsoft’s Azure Confidential Clean Rooms, not only does this project push the edge of technology innovation, but it strives to address a pivotal issue that affects us as Canadians. Through this work, we aim to help financial services organizations and regulators navigate the complexities of private and personal data sharing, without compromising the integrity of the data, and adhering to all relevant privacy regulations. For the purposes of this pilot, we are focusing our efforts on how this technology can play a pivotal role in helping better detect cases of human trafficking, however, we recognize that it can be used to help organizations for multiple other use cases, and cross industries, including health care and government & public sector. - Jessica Hansen, Privacy Partner EY Canada, and Dana Ohab, AI & Data Partner EY Canada Retrieval-Augmented Generation (RAG) applications accessing Large Language Models (LLMs) are common in private AI workflows, but managing secure access to sensitive data can be complex. SafeLiShare’s integration of its LLM Secure Data Proxy (SDP) with Azure Confidential Clean Rooms (ACCR) simplifies access control and token management. The joint solution helps ensure runtime security through advanced Public Key Infrastructure (PKI) and centralized policy management in Trusted Execution Environments (TEEs), enforcing strict access policies and admission controls to guarantee authorized access to sensitive data. This integration establishes trust bindings between the Identity Provider (IDP), applications, and data, safeguarding each layer without compromise. It also enables secure creation, sharing, and management of applications and data assets, ensuring compliance in high-performance AI environments. - Cynthia Hsieh, VP of Marketing, SafeLiShare Read here to learn more about how SafeLiShare is using Confidential Clean Rooms. Learn More Signup for the preview of Azure Confidential Clean Rooms Confidential Consortium Framework (CCF) Confidential containers on Azure Container Instances (ACI)Preview: New DCasv6 and ECasv6 confidential VMs based on 4th Generation AMD EPYC™ processors
You can get started deploying your software on these confidential VMs by signing up here. Additional security enhancements With the launch of the DCasv6 and ECasv6 confidential VM family – we support AES-256 memory encryption enabled by default. Additionally, we now offer our customers the capability to leverage key protection with Virtualization-based Security (VBS) in Windows. By enabling key protection in Windows CVMs, customers can protect keys in-use from Guest OS and applications. This key protection is enforced by CPU hardware. Faster performance for confidential workloads These new CVMs have demonstrated up to 25% improvement in various benchmarks compared to our previous generation of AMD-based confidential VMs. KT is leveraging Azure confidential computing to secure sensitive and regulated data from its telco business in the cloud. With new V6 CVM offerings in Korea Central Region, KT extends its use to help Korean customers with enhanced security requirements, including regulated industries, benefit from the highest data protection as well as the fastest performance by the latest AMD SEV-SNP technology through its Secure Public Cloud built with Azure confidential computing. - Woojin Jung, EVP, KT Corporation Worldwide Region Availability These CVMs will be gradually made available across all supported Azure regions and availability zones. Please use the sign-up form to indicate interest in participating in the gated preview and regional requirements. General purpose & Memory-intensive workloads Featuring general purpose optimized memory-to-vCPU ratios and support up to 96 vCPUs and 384 GiB RAM, the DCasv6-series delivers enterprise-grade performance. The DCasv6-series enables organizations to run sensitive workloads with hardware-based security guarantees, making them ideal for applications processing regulated or confidential data. For more memory demanding workloads, the new ECasv6-series offer high memory-to-vCPU ratios with increased scalability up to 96 vCPUs and 672 GiB of RAM. The ECasv6-series is ideal for memory-intensive enterprise applications offering nearly double the memory capacity of DCasv6. The ECasv6-series scales 672 GiB RAM with up to 96 vCPUs, making them ideal for memory intensive applications that exceed even the capabilities of the DCasv6 series. DCasv6 DCadsv6 ECasv6 ECadsv6 vCPU 2 - 96 2 - 96 2 - 96 2 - 96 Memory 8 - 384 8 - 384 16 - 672 16 - 672 Max local disk NA 75-600GiB NA 75-600GiB OS Support These CVMs support the following guest operating systems: Windows Server 2019, 2022, 2025, Windows 11, Ubuntu 22.04, Ubuntu 24.04, and RHEL 9.4. Endorsements from our customers The BMW Group relies on Azure confidential VMs powered by AMD EPYC processors to enable a Zero Trust environment with end-to-end encryption for our identity authentication system, allowing over 200,000 associates to collaborate on building the future of individual mobility. The solution was made possible in part due to the fact that AMD EPYC processor based confidential VMs do not require code changes to protect data in memory. Further, our testing of the newest generation of DCasv6 VMs has shown significant improvements in performance, and we look forward to seeing them go live on Azure. - BMW Group Having early access to Microsoft’s latest confidential VMs is a game-changer, offering enhanced security and performance. Our customers are pleased that they won’t have to adapt existing algorithms to take advantage of computing within the optimal CVM environment available in their computing region and selected within the EscrowAI platform. - Mary Beth Chalk, Co-founder & Chief Commercial Officer, BeeKeeperAI Anjuna is thrilled to be among the first to access Microsoft’s latest confidential VMs, powered by the newest version of the AMD SEV-SNP technology. Our ongoing partnership with Microsoft Azure provides us with early access to explore advanced security and performance features. This collaboration empowers joint Azure and Anjuna customers to leverage the newest Azure technologies from day one, enhanced by the capabilities of the Anjuna Seaglass platform. - Ofir Azoulay-Rozanes, Director of Product Management, Anjuna Security Sign up now for exclusive access Joining our exclusive preview program gives you an opportunity to work with the product team. To get started deploying your software on the latest confidential VMs sign up here.What’s new: RHEL 9.3 support for AMD confidential VMs, temp disk encryption, new regions
We are thrilled to announce the RHEL 9.3 support for AMD confidential VMs, expansion of Azure Confidential VMs featuring AMD SEV-SNP technology to the following new regions: Italy North, Germany West Central and UAE North, temp disk encryption support and General Availability (GA) release of Azure Databricks support for AMD-based confidential VMs.Announcing: Microsoft moves $25 Billion in credit card transactions to Azure confidential computing
Microsoft is proud to showcase that customers in the financial sector can rely on public Azure to add confidentiality to provide secure and compliant payment solutions that meet or exceed industry standards. Microsoft is committed to hosting 100% of our payment services on Azure, just as we would expect our customers to do. Microsoft’s Commerce Financial Services (CFS) has completed a critical milestone by deploying a level 1 Payment Card Industry Data Security Standard (PCI-DSS) compliant credit card processing and vaulting solution, moving $25 Billion in annual credit card transactions to the public Azure cloud.NLP Inferencing on Confidential Azure Container Instance
Thanks to the advancements in the area of natural language processing using machine learning techniques & highly successful new-age LLMs from OpenAI, Google & Microsoft - NLP based modeling & inferencing are one of the top areas of customer interest. These are being widely used in almost all Microsoft products & there is also a huge demand from our customers to utilize these techniques in their business apps. Similarly, there is a demand for privacy preserving infrastructure to run such apps.
