You can enable vSGX on an existing virtual machine.

You can enable vSGX for virtual machines running on vSphere 7.0 and later.

Prerequisites

  • The ESXi host must be installed on an SGX-capable CPU and SGX must be enabled in the host's BIOS. See vSGX Overview for supported Intel CPUs.
  • The guest OS you use must be Linux, or Windows Server 2016 (64 bit) or later, or Windows 10 (64 bit) or later.
  • The ESXi hosts running in your environment must be ESXi 7.0 or later.
  • Verify that the virtual machine is turned off.
  • The virtual machine must use EFI firmware.
  • The virtual machine must use hardware version 17 or later.

Procedure

  1. Connect to vCenter Server by using the vSphere Client.
  2. Right-click the virtual machine in the inventory that you want to modify and select Edit Settings.
  3. In the Edit Settings dialog box, under Security devices, select the Enable check box for SGX.
  4. Enter Enclave Page Cache (EPC) size and select Flexible Launch Control (FLC) mode accordingly.
  5. Under VM Options > Boot Options > Firmware, ensure that EFI is selected.
  6. Click OK.