Virtual machines can use Intel SGX technology, if available on the hardware.

Requirements for vSGX

To use vSGX, your vSphere environment must meet these requirements:

  • Virtual machine requirements:
    • EFI firmware
    • Hardware version 17 or later
  • Component requirements:
    • vCenter Server 7.0 and later
    • ESXi 7.0 and later
  • Guest OS support:
    • Linux
    • Windows Server 2016 (64 bit) and later
    • Windows 10 (64 bit) and later

Intel Hardware

For supported Intel hardware for vSGX, consult the VSphere Compatibility Guide at https://www.vmware.com/resources/compatibility/search.php.

You might need to turn off hyperthreading on certain CPUs to enable SGX on the ESXi host. For more information, see the VMware KB article at https://kb.vmware.com/s/article/71367.

Unsupported VMware Features on vSGX

The following features are not supported in a virtual machine when vSGX is enabled:

  • vMotion/DRS migration
  • Virtual machine suspend and resume
  • Virtual machine snapshots (Virtual machine snapshots are supported if you do not snapshot the virtual machine's memory.)
  • Fault tolerance
  • Guest Integrity (GI, platform foundation for VMware AppDefense™ 1.0)
Note:

These VMware features are not supported due to how the Intel SGX architecture functions. They are not the result of a VMware shortcoming.