Intel TDX vs Intel SGX on the OpenMetal XL v5

Posted on June 4, 2026 by Sash Ghosh

Q: What is the difference between Intel TDX and Intel SGX on OpenMetal XL v5?

Intel TDX isolates an entire guest VM (a “trust domain”) from the host hypervisor and host OS; Intel SGX isolates a process-level enclave inside an application. Both are active by default on the XL v5 and address different threat models — TDX for whole-application confidentiality, SGX for narrow high-value secrets.

Schedule a Consultation

TDX (Trust Domain Extensions) treats a full Linux guest — kernel, init, application stack, all of it — as a hardware-isolated unit. The trust domain has its own AES memory encryption key, its own attestation quote, and is invisible to the host hypervisor and host OS. The threat model TDX defends against is “the host is compromised, but the workload must remain confidential.” For OpenMetal XL v5 customers, this is the right tool for confidential databases, confidential ML inference, sovereign cloud workloads, regulated SaaS tenant isolation, and any workload where the entire application’s memory should be opaque to the platform.

SGX (Software Guard Extensions) is the older, narrower technology — application-level enclaves up to the EPC size limit (128 GB EPC per socket on the 6530P. Enclaves are designed for small, high-value secrets: HSM-class key custody, code-signing root keys, license token verification, small attested microservices, attested key release ceremonies. Developer ergonomics differ — SGX requires the application to be partitioned into trusted and untrusted halves with explicit ECalls and OCalls, which is more work than dropping an existing Linux application into a trust domain unchanged.

On the XL v5, both are active concurrently. The common pattern is layered: keep root signing keys inside small SGX enclaves on the same host, and run the broader key-management application or the wider workload inside a trust domain. TME-MK provides baseline AES encryption of memory outside both. This combination — TDX for whole-application confidentiality, SGX for narrow secrets, TME-MK as the memory baseline — is more comprehensive than what either feature provides alone, and is the configuration the XL v5 ships in by default.

—-

“OpenMetal provided the agility, customization and performance we required to move quickly from just an idea to a fully functioning public cloud offering.”

Anonymous Founder, Founder — Cloud Hosting Company

Interested in OpenMetal Products?

Contact Us

We’re available to answer questions and provide information.

Reach Out

Schedule a Consultation

Get a deeper assessment and discuss your unique requirements.

Schedule Consultation

Try It Out

Take a peek under the hood of our cloud platform or launch a trial.

Trial Options