Provisioning a bare metal server with Intel® Software Guard Extension architecture
Intel Software Guard Extensions (SGX) can protect data that uses hardware-based server security. With Intel SGX applications, you can protect select code and data from disclosure or modification. By using trusted execution environments (TEE), known as enclaves, you can encrypt the pieces of your application memory that contains sensitive data while it is in use.
Provisioning your bare metal server with SGX
To provision a bare metal server with SGX, use the following steps:
- Create a custom server by following the procedure Build a custom bare metal server
- On the bare metal provisioning page, select the following options.
| Field | Value |
|---|---|
| Server | Select either Intel Sapphire Rapids processor or Intel Xeon® 2174. |
| Image | Select an available image. For more information about Classic-supported operating systems, see Lifecycle for operating systems and add-ons. |
| Image Add-ons | Select Software Guard Extensions (SGX). |
Installing Intel SGX platform software and drivers
Make sure that you install the SGX platform software and drivers.
- Go to the [Get started](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/get-started.html{: external} and select the option for installation that matches your operating system.
- Download the binary installation option. This option helps make sure that you use a stable version of SGX in your workloads.
- For specific instructions for each type of installation, see the Intel SGX Installation Guide for Windows or the Intel SGX Installation Guide for Linux.