
Oh SNP! VMs Get Even More Confidential

  • aster.cloud
  • May 1, 2023

A Confidential Virtual Machine (VM) is a type of Google Cloud Compute Engine VM that helps ensure your data and applications stay private and encrypted even while in use. Confidential VMs can help customers maintain control of their data in the public cloud, achieve cryptographic isolation in a multi-tenant environment, and add an additional layer of defense and data protection against cloud operators, admins, and insiders. 

At Google Cloud, we are always looking for ways to raise the security bar. Today at the RSA Conference in San Francisco, we’ve raised it again by adding more hardware-based security protections to Confidential VMs. New protections such as memory integrity and register state encryption have been built into our next generation Confidential VMs, which feature AMD Infinity Guard technologies such as Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP). We’re proud to announce that Confidential VMs with AMD SEV-SNP are now available in private preview on general purpose N2D machines.



Since June 2022, Confidential VMs have been generally available on general purpose N2D and compute optimized C2D machines with AMD EPYC™ processors backed by AMD SEV.

Regardless of which type of Confidential VM you choose (with AMD SEV or AMD SEV-SNP enabled), all Confidential VMs help keep your data safely encrypted in memory, and elsewhere outside the CPU, while it is being processed, all without needing any code changes to applications.

The underpinnings of Confidential VMs

Confidential VMs that utilize AMD SEV offer high performance for demanding computational tasks while keeping VM memory encrypted with a dedicated, per-VM instance key that is generated and managed by the processor. These cryptographic keys are generated by the processor during VM creation and reside solely within it, making them unavailable to Google, the hypervisor, other VMs running on the host, and even you, our customers.


Confidential VMs that utilize AMD SEV-SNP offer even more data security protections than Confidential VMs with AMD SEV enabled. Confidential VMs with AMD SEV-SNP enabled have the cryptographic isolation of Confidential VMs with AMD SEV but also have the encrypted register states of AMD SEV-ES. On top of that, Confidential VMs with AMD SEV-SNP enabled add memory integrity protections to help prevent malicious hypervisor-based attacks like data replay and memory remapping. Building trust often requires verification, so Confidential VMs with AMD SEV-SNP offer hardware-rooted remote attestation. Attestation allows customers to attain assurances regarding their VM’s confidentiality and integrity.

Attestation builds trust through verification

At Google Cloud, you own your data. We work hard to earn and maintain your trust through transparency. Confidential computing helps accomplish this by encrypting data in-use in a Trusted Execution Environment (TEE) with remote attestation for you to verify.

Remote attestation is a technique where a VM asserts its hardware and software configuration to another entity so that the other entity can determine the level of trust and integrity of the VM. In a Confidential VM, remote attestation allows a third party, a Google Cloud customer, or Google Cloud itself to verify that the Confidential VM has not been tampered with. The Confidential VM sends an attestation report to a verifier, which validates the report and confirms that the integrity of the Confidential VM is intact.

In Confidential VMs with AMD SEV-SNP enabled, customers can use remote attestation to cryptographically verify that their VMs are running with confidentiality and integrity enabled before they interact with them. While all Confidential VMs contain vTPMs that validate a VM’s integrity with Measured Boot, Confidential VMs with AMD SEV-SNP additionally offer attestation reports that are cryptographically signed by hardware and contain information about a VM’s firmware. These verifiable attestation reports around hardware, firmware, and software can help customers build the trust they need to bring highly sensitive and regulated workloads to the cloud.
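The verifier-side appraisal described above, as an added example (not Google's or AMD's code): it parses a raw SEV-SNP attestation report using field offsets from AMD's SEV-SNP firmware ABI and checks freshness, debug policy and launch measurement. The nonce convention, function names and sample report are assumptions constructed for illustration, and validation of the hardware signature is assumed to have succeeded beforehand.

```python
import hashlib
import struct

# Field layout follows AMD's SEV-SNP firmware ABI (ATTESTATION_REPORT).
REPORT_SIZE = 0x4A0
OFF_REPORT_DATA, OFF_MEASUREMENT = 0x50, 0x90
POLICY_DEBUG = 1 << 19  # guest policy bit: host may debug (decrypt) the guest


def parse_report(raw: bytes) -> dict:
    """Extract the fields this example appraises from a raw report."""
    if len(raw) != REPORT_SIZE:
        raise ValueError(f"expected {REPORT_SIZE} bytes, got {len(raw)}")
    version, _guest_svn, policy = struct.unpack_from("<IIQ", raw, 0)
    return {
        "version": version,
        "policy": policy,
        "report_data": raw[OFF_REPORT_DATA:OFF_REPORT_DATA + 64],
        "measurement": raw[OFF_MEASUREMENT:OFF_MEASUREMENT + 48],
    }


def appraise(raw: bytes, nonce: bytes, trusted: set) -> list:
    """Return the reasons to reject the report; an empty list means accept.

    Signature validation against the AMD certificate chain must already
    have succeeded; it needs an ECDSA P-384 library and is not shown.
    """
    r = parse_report(raw)
    failures = []
    # Freshness: this example's convention is REPORT_DATA = SHA-512(nonce).
    if r["report_data"] != hashlib.sha512(nonce).digest():
        failures.append("stale or unbound report (nonce mismatch)")
    if r["policy"] & POLICY_DEBUG:
        failures.append("debug policy enabled")
    if r["measurement"] not in trusted:
        failures.append("unknown launch measurement")
    return failures


def build_sample(nonce: bytes, measurement: bytes, policy: int) -> bytes:
    """Constructed, unsigned sample report for the demo (not real output)."""
    buf = bytearray(REPORT_SIZE)
    struct.pack_into("<IIQ", buf, 0, 2, 0, policy)
    buf[OFF_REPORT_DATA:OFF_REPORT_DATA + 64] = hashlib.sha512(nonce).digest()
    buf[OFF_MEASUREMENT:OFF_MEASUREMENT + 48] = measurement
    return bytes(buf)


GOOD = hashlib.sha384(b"constructed firmware image").digest()  # sample value
NONCE = b"verifier-nonce-0001"                                 # sample value
if __name__ == "__main__":
    print(appraise(build_sample(NONCE, GOOD, 0x30000), NONCE, {GOOD}))
```

A verifier that skips the nonce check accepts replayed reports, and one that ignores the debug bit accepts a guest whose memory the host can read, so both checks belong alongside the measurement comparison.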


Choosing a Confidential VM

To help you choose between your Confidential VMs, here’s a comparison chart:

https://storage.googleapis.com/gweb-cloudblog-publish/images/Confidential_Virtual_Mach.1004029215220584.max-1100x1100.jpg

Confidential VM availability

Confidential VMs with AMD SEV are generally available in most regions and zones. You can create a Confidential VM anywhere general purpose N2D or compute optimized C2D machines are available. 

Confidential VMs with AMD SEV-SNP, which are in private preview, are currently available on general purpose N2D machines in us-central1. 

Getting started

Protect your sensitive data and workloads in the public cloud with the latest, easy-to-use security technology. Sign up for the private preview of Confidential VMs on general purpose N2D machines enabled with AMD SEV-SNP via this form today and learn more about AMD SEV-SNP in the AMD white paper.


By Joanna Young, Product Manager, Confidential Computing
Originally published at Google Cloud

Source: Cyberpogo

