Securing Critical AI Solutions with Fortanix
Download PDFTue, 17 Jan 2023 08:43:16 -0000
|Read Time: 0 minutes
Summary
This joint paper, written by Dell Technologies in collaboration with Intel, outlines the key components of the Intel® Security Solution for Fortanix Confidential AI and the available configurations based on the latest generation of Dell PowerEdge servers.
Introduction
Cybersecurity has become more tightly integrated into business objectives globally, with zero trust security strategies being established to ensure that the technologies being implemented to address business priorities are secure.
Organizations need to accelerate business insights and decision intelligence more securely as they optimize the hardware-software stack. In fact, the seriousness of cyber risks to organizations has become central to business risk as a whole, making it a board-level issue.
Data is your organization’s most valuable asset, but how do you secure that data in today’s hybrid cloud world? How do you keep your sensitive data or proprietary machine learning (ML) algorithms safe with hundreds of virtual machines (VMs) or containers running on a single server?
The Intel® Security Solution for Fortanix Confidential AI, built in collaboration with Fortanix and Dell Technologies, helps contribute to your zero trust security strategy. It is an enterprise-level, high-performance, security-enabled solution that encrypts data while it is in use by isolating data and code in Intel® Software Guard Extension (Intel® SGX) enclaves, without changing underlying software applications.
Key components
- Intel® Software Guard Extensions (Intel® SGX)—A set of security-related instruction codes that isolates software and data from the underlying infrastructure (hardware or operating system) in hardware enclaves. Intel® SGX helps defend against common software-based attacks and helps protect intellectual property (like models) from being accessed and reverse-engineered by hackers or cloud providers.
- Fortanix Confidential Computing Manager—A comprehensive turnkey solution that manages the entire confidential computing environment and enclave life cycle. No application rewriting is required. Fortanix Confidential Computing Manager manages and enforces security policies including identity verification, data access control, and attestation.
- Fortanix Confidential AI—An easy-to-use subscription service that provisions security-enabled infrastructure and software to orchestrate on-demand AI workloads for data teams with a click of a button. Data teams can operate on sensitive datasets and AI models in a confidential compute environment supported by Intel® SGX enclave, with the cloud provider having no visibility into the data, algorithms, or models.
- Dell PERC H755N NVM Express (NVMe) RAID controller with self-encrypting drives (SEDs)—A RAID controller that provides additional security for stored data. Whether drives are lost, stolen, or failed, unauthorized access is prevented by rendering the drive unreadable without the encryption key within the storage controller. The PERC H755N controller offers additional benefits including regulatory compliance and secure decommissioning. It supports local key management (LKM) and external key management systems through Dell OpenManage Secure Enterprise Key Manager (SEKM).
Solution benefits
The Intel® Security Solution for Fortanix Confidential AI enables confidential computing so that AI models and data can be shared without exposing intellectual property and sensitive data. This solution:
- Delivers a turnkey, enterprise-level, and high-performance security solution without requiring application modifications
- Addresses time-to-market concerns by providing a validated solution with an installation guide, containerized tools, and sample workloads
Whether you are deploying on-premises in the cloud, or at the edge, it is increasingly critical to protect data and maintain regulatory compliance. Accelerate performance across the fastest-growing workload types in AI, analytics, networking, storage and HPC, and help protect your business and innovate with confidence.
Available configurations
Table 1. Intel® Security Solution for Fortanix Confidential AI configurations
Component | Base configuration | Plus configuration* |
Platform | Dell PowerEdge R650 1U rack server, supporting up to 8 NVMe drives in RAID configuration | |
CPU | 2 x Intel® Xeon® Gold 6348 (28 cores at 2.6 GHz) with 64 GB/CPU Intel® SGX enclave capacity | 2 x Intel® Xeon® Platinum 8368 (38 cores at 2.4 GHz) with 512 GB/CPU Intel® SGX enclave capacity |
DRAM | 256 GB (16 x 16 GB DDR4-3200) | 512 GB (16 x 32 GB DDR4-3200) (supports options up to 4 TB) |
Boot device | Dell Boot Optimized Server Storage (BOSS)-S2 with 2 x 480 GB M.2 Serial ATA (SATA) (RAID 1) | |
Storage adapter | Dell PERC H755N front NVMe RAID controller | |
Storage | 2 x (up to 8 x) 1.6 TB Enterprise NVMe Mixed Use AG SED Drive, U2 Gen4 | |
NIC | Intel® Ethernet Network Adapter E810-XXV for OCP3 (dual-port 25 Gb) |
* Larger enclave capacity for securing bigger AI models and end-to-end AI workloads
Learn More
Contact your Dell or Intel account team for a customized quote. 1-877-ASK-DELL.