On March 15, 2021, AMD launched its latest EPYC (Extreme Performance Yield Computing) 7003 Series processors – “Milan” – intending to improve the speed, agility, and core performance of its EPYC processors for faster business outcomes. Correspondingly, AMD also introduced some salient modern-day security features that give the 7003 Series the edge over its competitors.
AMD’s Latest EPYC 7003 Series Processors
The newest generation of 7003 Series processors imbibes the Zen 3 architecture, which AMD says significantly improves performance for enterprise, cloud, and HPC workloads. The hardware manufacturer claims that it delivers “the best performance of any server CPU with up to 19% more instructions per clock.”
Technically, this is the 3rd Generation of AMD’s EPYC processors, and thus, taking into consideration the current security risks to businesses, AMD has introduced a host of security features like:
- Secure Memory Encryption (SME)
- Secure Encrypted Virtualization-Encrypted State (SEV-ES)
- Secure Encrypted Virtualization-Secure Nested Paging (SEV- SNP)
- A dedicated security subsystem
- Hardware-validated secure boot
- Hardware root of trust
The SEV and SNP Features
AMD Infinity Guard offers a robust set of security features that help complement industry ecosystem partners at both the software and system levels. The SEV and SNP security features are both provided under the AMD Infinity Guard.
SEV-ES: This provides a layer of protection for CPU registers. AMD has added interrupt restrictions that should prevent malicious hypervisors from injecting interrupts and attacking ES guests. The new AMD EPYC processors help safeguard the privacy and integrity of data by encrypting each virtual machine with one of up to 509 unique encryption keys known only to the processor.
SEV-SNP: Another important and new feature that AMD has introduced is SNP, which provides enhanced memory protections against malicious hypervisors carrying out replay, corruption, or remapping attacks. SNP creates an isolated execution environment which helps in adding memory integrity protection capabilities designed to prevent hypervisor attacks.
The AMD EPYC processor ecosystem is expected to grow significantly by the end of 2021 with numerous OEMs, ODMs, cloud providers, and channel partners like AWS, Cisco, Dell Technologies, Google Cloud, HPE, Lenovo, Microsoft Azure, Oracle Cloud Infrastructure, Supermicro, Tencent Cloud and others announce its integration into their respective ecosystems.