July 12, 2022 By Angel Nunez Mencias 4 min read

Announcing the next generation of IBM Hyper Protect Virtual Servers in IBM’s Confidential Computing solution portfolio – IBM Hyper Protect Virtual Servers for Virtual Private Cloud (VPC).

This new version takes advantage of Secure Execution technology to further enhance the protective boundary that Hyper Protect offers and lays the groundwork for a Kubernetes-based future.

Gartner estimates that by 2027, more than 90% of global organizations will be running containerized applications in production, which is a significant increase from fewer than 40% in 2021. [1]

Companies are containerizing their applications in a large-scale effort to modernize and move to cloud, but security is still a top concern. Hackers are exploiting the vulnerabilities of exposed containers by injecting malicious code and escalating privileged access.

IBM Hyper Protect Virtual Servers for VPC is designed to protect cloud-native applications with open container initiative (OCI) deployments that utilize confidential computing. Unique to the market, IBM offers a solution with Secure Execution for Linux.

This new product in the Hyper Protect family is the next generation of Hyper Protect Virtual Servers and a stepping stone to a Kubernetes-based offering. The protection boundary moves from the logical partition level (which includes the operating system and application) to complete isolation of the application from the operating system. Customers’ code and data are exclusively controlled by their admins — no exceptions.

Hyper Protect Virtual Servers for VPC is developer-friendly and designed to use industry-standard open-container initiative (OCI) images with a standard user interface to provision, manage, maintain and monitor in the Virtual Private Cloud (VPC) Infrastructure of IBM Cloud. By leveraging VPC, this next generation of Hyper Protect Virtual Servers gains additional network security, as well.

Hyper Protect Virtual Servers for VPC is available in Sao Paolo and Toronto Multi-Zone Regions (MZRs) to start, with London, Washington D.C. and Tokyo to come throughout July and August 2022

Key features

  1. Secure execution: Enjoy technical assurance that unauthorized users — including IBM Cloud admins — do not have access to the application. Workloads are locked down by individual, instance-level secure boundaries
  2.  Multi-party contract and attestation of deployment: Apply Zero Trust principles from workload development through deployment. As multiple personas and legal entities collaborate, it is essential to separate duty and access. Hyper Protect Virtual Servers for VPC is based on an encrypted contract concept, which enables each persona to provide their contribution, while being ensured through encryption that none of the other personas can access this data or IP. The deployment can be validated by an auditor persona through an attestation record, which is signed and encrypted to ensure only the auditor has this level of insight.
  3. Malware protections: Utilize Secure Build to set up a verification process to ensure that only authorized code is running in an application. Hyper Protect Virtual Servers for VPC only deploys container versions, which are validated at deployment.
  4. Bring your own OCI image: Use any open-container initiative (OCI) image and gain the benefits of a confidential computing solution for additional levels of protection
  5. Flexible deployments: Choose from a variety of profile sizes and grow as needed to protect containerized applications and pay-as-you-go on an hourly basis.

Using Hyper Protect Virtual Servers for VPC will help customers with a variety of strategic projects where security is the underlying concern:

  1. Superior security for containerized workloads: Whether you are building a cloud-native application or on an application modernization journey, you can now do both with peace of mind by leveraging IBM’s Secure Execution for Linux technology. Containerizing applications within a confidential computing environment ensures that your applications are protected (even the IBM Cloud admin doesn’t have access), and workloads are isolated by a secure boundary to prevent privileged user escalation.
  2. Digital assets: IBM Digital Asset Infrastructure provides the building blocks to create and enhance end-to-end solutions for storing and transferring large quantities of digital assets in highly secure wallets. Customers’ applications are secured in a Trusted Execution Environment – a hardware-based, Common Criteria-certified isolation designed to thwart compromised insider attacks. By leveraging features like Secure Build and the Encrypted Multi-Party contract, code is validated before it is deployed to reduce the risk of malicious code insertion using a code manifest accessible only to the custodian’s designated security apparatus. Policy workflows are transformed into immutable binary executables that effectively make these policies tamperproof from unauthorized rule manipulation.
  3. Secure machine learning: Often, the most valuable data is also the most sensitive data, making it risky to provide too many people with access. Now, you can run your machine learning or artificial intelligence models with sensitive data in a locked-down environment that protects against unauthorized access, the IP of the model as well as the privacy of the data being processed.

Get started today 

Try out this new service for free by requesting a promotion code from your local IBM Sales Team. For more information on this product, please visit this page.

Provisioning, deployment and management all occur through the standard IBM Cloud Virtual Servers for VPC catalog page. Check out the documentation for additional help.

[1] CTOs’ Guide to Containers and Kubernetes —Answering the Top 10 FAQs; Published 31 May 2022 – ID G00763328 – 17 min read; By Analyst(s): Arun Chandrasekaran, Wataru Katsurashima

More from Announcements

Success and recognition of IBM offerings in G2 Summer Reports  

2 min read - IBM offerings were featured in over 1,365 unique G2 reports, earning over 230 Leader badges across various categories.   This recognition is important to showcase our leading products and also to provide the unbiased validation our buyers seek. According to the 2024 G2 Software Buyer Behavior Report, “When researching software, buyers are most likely to trust information from people with similar roles and challenges, and they value transparency above other factors.”  With over 90 million visitors each year and hosting more than 2.6…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM Consulting augments expertise with AWS Competencies: A win-win for clients 

3 min read - In today's dynamic economic landscape, businesses demand continuous innovation and speed of execution. At IBM Consulting®, our unwavering focus on partnerships and shared commitment to delivering enterprise-level solutions to mutual clients have been core to our success.   We are thrilled to announce that IBM® has recently gained five competencies from Amazon Web Services (AWS) in vital domains including Cloud Operations, Internet of Things (IoT), Life Sciences, Mainframe Modernization, and Telecommunications. With these credentials, IBM further establishes its position as a…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters