To protect the enclave contents from disclosure and modifications, you can enable vSGX on a virtual machine in the VMware Host Client.
Some operations and features are not compatible with SGX.
- Migration with Storage vMotion
- Suspending or resuming the virtual machine
- Taking a snapshot of the virtual machine
- Fault Tolerance
- Enabling Guest Integrity (GI, platform foundation for VMware AppDefense 1.0)
Prerequisites
-
Power off the virtual machine.
- Verify that the virtual machine uses EFI firmware.
- Verify that the ESXi host is version 7.0 or later.
- Verify that the guest operating system in the virtual machine is Linux, Windows 10 (64-bit) or later, or Windows Server 2016 (64-bit) or later.
- Verify that you have the privilege on the virtual machine.
- Verify that the ESXi host is installed on an SGX-capable CPU, and SGX is enabled in the BIOS of the ESXi host. For information about the supported CPUs, see https://kb.vmware.com/s/article/71367.