Provisioning a bare metal server with Intel® Software Guard Extension architecture
Intel Software Guard Extensions (SGX) can protect data that uses hardware-based server security. With Intel SGX applications, you can protect select code and data from disclosure or modification. By using trusted execution environments (TEE), known as enclaves, you can encrypt the pieces of your application memory that contains sensitive data while it is in use.
Provisioning your bare metal server with SGX
To provision a bare metal server with SGX, follow these steps:
-
Create a customer server by following the procedure Build a custom bare metal server
-
On the bare metal provisioning page, select the following options on the order form:
Field | Value |
---|---|
Server | Single processor Intel Xeon® 2174 with storage up to four drives |
Image | Windows® 2019 Windows Server 2016 Standard Edition (64 bit) Windows Server 2016 Standard Edition (64 bit) Windows Server 2016 Datacenter Edition (64 bit) CentOS 7.x (64 bit) Ubuntu Linux 16.04 LTS Xenial Xerus (64 bit) CentOS 8.x (64 bit) RHEL® 8.x (64 bit) (per-processor licensing) |
Image Add-ons | Software Guard Extensions (SGX) |
Installing Intel SGX platform software and drivers
When you're working with Intel SGX enabled bare metal servers, be sure that you also install the SGX platform software and drivers.
- Go to the Intel open source website and select the option for installation that matches your operating system.
- Download the binary installation option. This option makes sure that you're using a stable version of SGX in your workloads.
- For specific instructions for each type of installation, see the Intel SGX Installation Guide for Windows or the Intel SGX Installation Guide for Linux.