Today at Ignite 2024, Microsoft unveiled custom chips designed to power workloads and improve security in the Azure cloud. The Azure Boost DPU accelerator is designed to manage data processing and storage tasks. The Azure Integrated Hardware Security Module security chip provides storage of digital signatures and cryptographic keys in a secure module
Image source: Microsoft
A DPU or Data Processing Unit is specialized equipment designed to perform specific data processing tasks related to security and network routing of data traffic. They are designed to reduce the load on CPUs and other chips for the core computing tasks associated with a given workload, including AI workloads. The efficiency gains that DPUs can provide are attractive to hyperscalers who are building increasingly large and power-hungry data centers.
Azure Boost DPU is designed for “data-centric workloads with high efficiency and low power consumption.” According to the manufacturer, the new chip will provide a fourfold increase in performance in workloads related to data storage, while consuming three times less energy.
«Designed for scalable, composable workloads in the Azure cloud, Azure Boost DPU delivers storage efficiency, networking, acceleration, and more to your cloud infrastructure,” Microsoft said in a blog post. Azure Boost DPU likely has its origins in Fungible, which Microsoft acquired last December for about $190 million. Fungible was founded by former Apple and Juniper Networks engineers to develop DPU chips.
The DPU market has grown rapidly in recent years. Nvidia has been offering its BlueField DPU line since 2019, AMD has been selling its Pensando DPUs since 2022. Nitro cards from Amazon Web Services (AWS) provide DPU-like functionality, and Google is developing similar chips in collaboration with Intel. Nvidia CEO Jensen Huang says CPUs, GPUs and DPUs will be the backbone of future data centers. According to his vision, CPUs will handle general processing, GPUs will provide accelerated calculations, and DPUs will handle data flow. According to Allied Analytics, if interest in DPUs continues, the market for such chips could reach $5.5 billion by 2031.
Following high-profile hacks and damning government reports, Microsoft CEO Satya Nadella declared security the company’s top priority. This is not least why Microsoft today introduced a security chip for the Azure cloud – the Integrated Hardware Security Module (HSM).
Azure Integrated HSM is Microsoft’s second generation of security processors, following Pluton, which is built into chips from Intel, AMD, and Qualcomm. This is the company’s response to similar solutions from its competitors in cloud technologies: Nitro from AWS or Titan from Google. The chip ensures that digital cryptographic signatures and encryption keys are stored in a specialized secure module and used “without sacrificing performance or increasing latency.”
«”Azure Integrated HSM will be installed on every new server in Microsoft data centers starting next year to enhance the security of all Azure hardware for both sensitive and shared workloads,” Microsoft said.
«In today’s rapidly changing threat landscape, influenced by global events and advances in AI, security must come first,” said Vasu Jakkal, corporate vice president of security at Microsoft. “New attack methods are challenging our security posture, forcing us to rethink how the global security community protects organizations.”
Of course, a specialized chip improves security, but it is not a panacea. In 2020, researchers discovered a fatal flaw in Apple’s T2 security chip that left Macs vulnerable to the very threats it was designed to prevent.