Why we use AMD EPYC CPUs for our KVM VPS & VDS Hosting
We always aspire to exceed our customers’ needs and their demands by providing top quality, high-performance virtual servers. This has been and will always be one of our top priorities alongside protecting our customer’s data and privacy.
From the very start of our company, nearly a decade ago, we at VPSBG have constantly strived to incorporate the latest and most powerful Intel CPUs for our servers. However, after continuous and rigorous testing using some of the new generation CPUs by both Intel and AMD, we opted to start using the latter due. Because of this, we decided to use AMD’s newest EPYC CPUs for both our KVM VPS servers as well as our dedicated instances.
AMD EPYC CPUs - performance and security combined
These EPYC (quite literally) CPUs have proven that they can handle really intensive applications and servers. However, did you know that they also come equipped with some additional security features? This is also part of the reasoning behind us choosing to utilize them for our hosting!
After the Meltdown and Spectre vulnerabilities were discovered over the past few years, our team has been working very hard to plan, prepare and to deploy the best available solution when it comes to our servers. Because of this, we decided to utilize EPYC CPUs that utilize hardware-level protection and more importantly - data encryption. This is where AMD’s central processing units come into effect with their SEV, TSME & SME protection, designed specifically to prevent physical attacks (such as cold booting) as well as virtual attacks against individual virtual machines or the hypervisor.
This helps protect our cloud servers and ultimately - keep our users’ data and privacy safe as well, while also ensuring that no downtime will occur. We are also constantly monitoring any changes and implementing patches when they go live.
A deeper look into AMD EPYC CPUs' security
As we already mentioned, we at VPSBG believe that protecting the privacy and data safety of our customers should always be our utmost priority. Due to this, it is absolutely essential and necessary to have strong security even at a hardware level.
AMD’s EPYC CPUs employ such additional security measures with the help of a separate secure chip and some extra solutions to some of the most common (and some more specific) attack types.
Generally speaking, virtualization technology is meant to provide full isolation to any of the hosted virtual machines. However, this isolation can be endangered. This happens when sophisticated attacks are launched using any vulnerabilities that can be found in the CPU that could potentially allow active memory (RAM) dumping between the virtual machines. This can result in a number of decryption keys being leaked into memory, allowing hackers to extract this information and then utilize it to decrypt data and gain access to any of the hosted instances. AMD, however, managed to come up with a solution to this problem.
The CPUs help protect data and information by encrypting each virtual machine with a unique key that is known only to the processor and is also isolated with a secure element inside of the chip. This ensures that even with access to the host, anything stored in the RAM will remain encrypted and cannot be dumped or viewed in any way, meaning that server data remains safe and secure even in the case of a hardware or virtual misconduct.
You can gain more information about the topic and the security features from AMD’s official release statement.
Overall, AMD’s EPYC CPUs are a perfect fit for our hosting services and we will continue to strive to provide and ensure secure, reliable and privacy-oriented servers.