This page covers the OpenMetal XXL v4 configured as a confidential computing platform. The XXL v4 is the only server in the OpenMetal v4 lineup where Intel TDX (Trust Domain Extensions) is active at the base configuration — 2TB of DDR5 RAM ships at deployment exceeding the 1TB threshold required for TDX activation, with no additional RAM upgrade needed. The underlying server hardware is identical to the standard XXL v4; this page frames the XXL v4 for workloads where hardware-enforced memory isolation is the primary deployment requirement.
TDX creates hardware boundaries called Trust Domains that prevent even a privileged hypervisor or co-located software from reading or modifying workload memory. Combined with Intel SGX for enclave-level isolation and TME-MK for full memory encryption, the XXL v4 provides a layered hardware security model suited for regulated data processing, multi-tenant SaaS isolation, and sovereign cloud deployments — all at fixed monthly pricing with no shared hardware tenancy.
Key Takeaways
- TDX active at base config — no upgrade required: Every XXL v4 ships with Intel TDX enabled. For workloads where confidential computing is a requirement, not an option, the XXL v4 removes the upgrade step that other tiers require.
- Hardware-enforced isolation for regulated workloads: TDX Trust Domains isolate PHI, PII, and financial transaction data in hardware — even the hypervisor cannot read Trust Domain memory. Relevant for HIPAA-covered workloads, PCI DSS-scoped applications, and multi-tenant SaaS where per-tenant data isolation must be provable at the infrastructure level.
- SGX enclaves alongside TDX VMs — 128 GB EPC: SGX provides a separate isolation model for cryptographic key material, attestation services, and workloads that need hardware-level code isolation smaller than a full VM. 128 GB EPC is available on the same server.
- 2TB RAM base supports large secure workloads: Confidential database instances, large key management clusters, and federated learning nodes all benefit from the 2TB memory pool without requiring a RAM upgrade to activate TDX.
- Full memory encryption via TME-MK: All data in DRAM is encrypted at rest via AES-XTS with per-workload key support. Physical memory attacks — cold boot, DMA, DRAM snooping — are mitigated without software-layer changes.
- Dedicated hardware, fixed pricing, HIPAA-eligible: No shared tenancy. OpenMetal offers BAAs for covered entities. Price locks available up to five years with ramp pricing for migrations. See openmetal.io/bare-metal-pricing.
Server Configuration at a Glance
| Component | Specification |
|---|---|
| Processor | 2x Intel Xeon Gold 6530 (Emerald Rapids, Intel 7) |
| Total Cores / Threads | 64 cores / 128 threads |
| Base / Max Turbo | 2.1 GHz / 4.0 GHz |
| L3 Cache | 160 MB per socket (320 MB total) |
| Memory | 2048GB DDR5 4800 MHz — 32 DIMM slots, max 8192GB |
| Intel TDX | Active — no upgrade required (2TB base RAM exceeds 1TB threshold) |
| Intel SGX | Available with Intel SPS — 128 GB EPC |
| Intel TME-MK | Full memory encryption, per-workload key support |
| Boot Storage | 2x 960GB SSD (RAID 1 mirrored) |
| Data Storage | 6x 6.4TB Micron 7500 MAX NVMe = 38.4TB raw |
| Max Drive Bays | 24 |
| Private Bandwidth | 10 Gbps x2 (LACP bonding available) |
| Public Bandwidth | 10 Gbps; burst to 40 Gbps; 95th-percentile overage billing |
| PCIe | PCIe 5.0, 80 lanes per socket |
| Tenancy | Single-tenant dedicated hardware |
| Pricing | Fixed monthly — see openmetal.io/bare-metal-pricing |
Intel TDX on the XXL v4: Hardware-Enforced Trust Domains
Intel TDX is a hardware virtualization extension that partitions server memory into isolated regions called Trust Domains (TDs). Each TD has its own encrypted, integrity-protected memory space that is inaccessible to the hypervisor, host OS, or any other TD — enforced by the CPU memory controller, not by software policy. Attestation reports signed by Intel allow remote parties to verify the TD’s configuration and software state before transmitting sensitive data.
TDX requires a minimum of 1TB of installed RAM to activate, because the processor reserves a portion of physical memory for the Trust Domain Management Module (TDMM) and related metadata structures. On the Large v4 and Medium v4, reaching this threshold requires a RAM upgrade. On the XXL v4, the base 2048GB configuration exceeds the requirement, and TDX is initialized at first boot without any additional configuration by the customer.
What TDX protects against:
- Hypervisor-level memory inspection (relevant in multi-tenant environments or where the cloud operator’s privileged access must be constrained)
- Cold boot attacks on VM memory
- VM-to-VM memory reads in a multi-VM configuration on the same physical host
- Debugging or inspection of a running VM’s memory state by the host OS
What TDX does not protect against: software vulnerabilities inside the Trust Domain itself, side-channel attacks targeting shared microarchitectural state, or misconfigured TD policies. TDX is an infrastructure-layer control, not a substitute for application-level security.
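The attestation step described above (a remote party checks the Trust Domain's configuration and software state before sending it sensitive data) and the caveat that misconfigured TD policies are outside TDX's protection both come down to what the relying party actually checks in the quote. The following is an added example, not OpenMetal's or Intel's code: a relying-party policy check over a TD quote body. It assumes the quote's ECDSA signature and Intel PCK certificate chain have already been verified by Intel's Quote Verification Library, and that the 584-byte TD report body uses the DCAP quote v4 field order and widths listed in the code (the layout, the `Policy` class, the nonce-binding scheme and all sample bytes are assumptions constructed for this example). It rejects a debuggable TD, an unapproved MRTD, an unexpected RTMR0, a stale TEE_TCB_SVN, and a quote whose REPORTDATA does not bind the verifier's nonce.

```python
"""Relying-party policy check over a TDX TD quote body.

Added example, not OpenMetal's or Intel's code. Assumes the quote signature
and PCK chain were already verified by the Quote Verification Library, and
that the 584-byte TD report body uses the DCAP quote v4 field order and
widths listed below (an assumption of this example). Sample bytes are
constructed placeholders, not real measurements or keys.
"""
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field

# (field name, byte width) in quote-body order; widths sum to 584.
TD_BODY_FIELDS = [
    ("tee_tcb_svn", 16), ("mr_seam", 48), ("mr_signer_seam", 48),
    ("seam_attributes", 8), ("td_attributes", 8), ("xfam", 8),
    ("mr_td", 48), ("mr_config_id", 48), ("mr_owner", 48),
    ("mr_owner_config", 48), ("rtmr0", 48), ("rtmr1", 48),
    ("rtmr2", 48), ("rtmr3", 48), ("report_data", 64),
]
TD_BODY_LEN = sum(width for _, width in TD_BODY_FIELDS)
TD_ATTR_DEBUG = 1 << 0  # TDATTRIBUTES bit 0: TD is debuggable by the host


def parse_td_body(body: bytes) -> dict[str, bytes]:
    """Slice the fixed-width quote body into named fields."""
    if len(body) != TD_BODY_LEN:
        raise ValueError(f"expected {TD_BODY_LEN} bytes, got {len(body)}")
    fields, offset = {}, 0
    for name, width in TD_BODY_FIELDS:
        fields[name] = body[offset:offset + width]
        offset += width
    return fields


@dataclass
class Policy:
    allowed_mr_td: set[str]                                       # hex MRTD of approved TD images
    expected_rtmr: dict[str, str] = field(default_factory=dict)   # e.g. {"rtmr0": hex digest}
    min_tcb_svn: bytes = bytes(16)                                # per-component minimum SVN


def report_data_binding(nonce: bytes, td_pubkey: bytes) -> bytes:
    """The TD is expected to put SHA-512(nonce || its ephemeral public key) in
    REPORTDATA, so the quote is fresh and tied to the key we will wrap secrets to."""
    return hashlib.sha512(nonce + td_pubkey).digest()


def evaluate(fields: dict[str, bytes], policy: Policy,
             nonce: bytes, td_pubkey: bytes) -> tuple[bool, list[str]]:
    """Return (accept, reasons). Every failed check is reported, not just the first."""
    failures: list[str] = []
    if int.from_bytes(fields["td_attributes"], "little") & TD_ATTR_DEBUG:
        failures.append("TD runs in DEBUG mode: the host can read its memory")
    if fields["mr_td"].hex() not in policy.allowed_mr_td:
        failures.append("MRTD is not an approved TD image measurement")
    for name, expected_hex in policy.expected_rtmr.items():
        if fields[name].hex() != expected_hex:
            failures.append(f"{name} does not match the expected boot-chain measurement")
    for i, (have, need) in enumerate(zip(fields["tee_tcb_svn"], policy.min_tcb_svn)):
        if have < need:
            failures.append(f"TEE_TCB_SVN[{i}]={have} is below the minimum {need} (stale TCB)")
            break
    if fields["report_data"] != report_data_binding(nonce, td_pubkey):
        failures.append("REPORTDATA does not bind the verifier nonce and TD key")
    return not failures, failures


def build_sample_body(mr_td: bytes, rtmr0: bytes, tcb_svn: bytes,
                      report_data: bytes, debug: bool = False) -> bytes:
    """Assemble a constructed quote body; fields not given are zero-filled."""
    values = {
        "tee_tcb_svn": tcb_svn, "mr_td": mr_td, "rtmr0": rtmr0,
        "report_data": report_data,
        "td_attributes": (TD_ATTR_DEBUG if debug else 0).to_bytes(8, "little"),
    }
    return b"".join(values.get(name, bytes(width)) for name, width in TD_BODY_FIELDS)


# Constructed demo inputs (placeholders, not real measurements or keys).
GOOD_MRTD = hashlib.sha384(b"approved TD image (constructed)").digest()
GOOD_RTMR0 = hashlib.sha384(b"approved boot chain (constructed)").digest()
NONCE = b"verifier-nonce-0001"
TD_PUBKEY = b"\x04" + b"\x11" * 64          # placeholder ephemeral TD key
POLICY = Policy(allowed_mr_td={GOOD_MRTD.hex()},
                expected_rtmr={"rtmr0": GOOD_RTMR0.hex()},
                min_tcb_svn=bytes([2]) + bytes(15))


def demo() -> dict[str, tuple[bool, list[str]]]:
    """Three quotes: one acceptable, one from a debug TD, one on a stale TCB."""
    binding = report_data_binding(NONCE, TD_PUBKEY)
    current_tcb, stale_tcb = bytes([3]) + bytes(15), bytes([1]) + bytes(15)
    cases = {
        "good": build_sample_body(GOOD_MRTD, GOOD_RTMR0, current_tcb, binding),
        "debug_td": build_sample_body(GOOD_MRTD, GOOD_RTMR0, current_tcb, binding, debug=True),
        "stale_tcb": build_sample_body(GOOD_MRTD, GOOD_RTMR0, stale_tcb, binding),
    }
    return {k: evaluate(parse_td_body(v), POLICY, NONCE, TD_PUBKEY) for k, v in cases.items()}


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(name, "ACCEPT" if ok else "REJECT", why)
```

Only after `evaluate` returns accept should the secret (a database key, a model weight file) be wrapped to the TD's ephemeral key and sent in. Keeping the allowlist and minimum TCB in a policy object rather than hard-coded means a firmware update or a new guest image is a policy change, not a code change, and every rejection reason is logged so an auditor can see why a TD was refused.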
Intel SGX: Enclave-Level Isolation
SGX (Software Guard Extensions) operates at a finer granularity than TDX. Where TDX isolates an entire VM, SGX isolates individual application-level code regions called enclaves. The XXL v4 supports SGX with Intel SPS and 128 GB of Enclave Page Cache (EPC).
Common SGX use cases on the XXL v4:
- Key management services — HSM-equivalent key storage without dedicated hardware; enclave holds private keys, attestation proves the key management code hasn’t been tampered with
- Cryptographic co-processors — signing, verification, and threshold signature schemes where private key material never leaves the enclave
- Multi-party computation — federated analytics or ML inference where input data from multiple parties must remain isolated during computation
- Blockchain confidential transactions — protocols requiring verifiable off-chain computation with on-chain attestation
SGX and TDX can run concurrently on the XXL v4 — TDX VMs handling application workloads while SGX enclaves manage key material or attestation services.
Memory Architecture for Confidential Workloads
The XXL v4’s 2048GB DDR5 4800 MHz configuration supports high-memory confidential workloads that cannot tolerate the memory constraints of smaller TDX-eligible tiers.
EPC sizing for SGX: The 128 GB EPC supports large SGX enclaves without requiring enclave paging, which would cause significant performance degradation for data-intensive enclave workloads. Applications requiring in-enclave data processing — large ML models, multi-party analytics, in-enclave key derivation — benefit from EPC availability without paging overhead.
Memory for multi-tenant TDX clusters: A single XXL v4 hosting multiple TDX VMs for different tenants (SaaS, MSP, or enterprise multi-division isolation) can allocate 50–100+ GB per tenant VM while maintaining meaningful isolation boundaries, using the 2TB pool as a dense allocation budget.
Field-upgradeable to 8TB: DIMM slots allow expansion to 8192GB without server replacement — important for confidential workloads that grow their data footprint over time (in-memory secure databases, growing enclave datasets) without requiring a migration that would break TDX attestation continuity.
Intel TME-MK encrypts all DRAM contents at rest with hardware AES-XTS, applying per-VM or per-workload encryption keys managed by the CPU memory controller. This is distinct from TDX memory encryption — TME-MK provides blanket physical memory protection while TDX provides isolation and integrity enforcement between Trust Domains.
Security and Confidential Computing
TDX (VM-level isolation): Hardware Trust Domains with CPU-enforced memory encryption and integrity protection. Each TD holds an independent VCPU state, memory encryption key, and attestation identity. The hypervisor can manage TD lifecycle (create, pause, terminate) but cannot read TD memory contents. TDX is active at the base 2048GB RAM configuration — no customer action required to enable.
SGX (Enclave-level isolation): Application-level isolated execution with 128 GB EPC. SGX enclaves run inside TDX VMs or on the bare metal host directly. Attestation reports allow remote verification of enclave identity and code state before data is transmitted into the enclave.
TME-MK (Physical memory encryption): All DRAM encrypted via AES-XTS with multi-key support. Protects against physical memory attacks without software changes. Operates below the OS and hypervisor layer.
- AES-NI — hardware TLS offload for encrypted communications between Trust Domains and external services
- Intel Boot Guard — hardware-enforced firmware boot chain integrity; prevents rootkits from persisting across reboots
- Control-Flow Enforcement Technology (CET) — hardware ROP/JOP exploit mitigation; relevant for services running inside SGX enclaves
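Before relying on any of the hardware features above, an operator should confirm that the running kernel actually reports them. The following is an added example, not OpenMetal's code, that builds that inventory from `/proc/cpuinfo`. The flag names it looks for are the ones recent Linux kernels print as I know them and are assumptions of this example, not something the page lists: `tdx_host_platform` (the kernel can act as a TDX host), `tdx_guest` (this OS is itself inside a Trust Domain), `sgx` and `sgx_lc`, `tme`, `aes`, and the CET flags `user_shstk` and `ibt`. The sample cpuinfo text is constructed; on a real host replace it with the contents of `/proc/cpuinfo`.

```python
"""Inventory hardware security features from /proc/cpuinfo flags.

Added example, not OpenMetal's code. Flag names are assumptions of this
example (recent Linux kernel spellings as I know them); sample cpuinfo
text is constructed.
"""
from __future__ import annotations

FEATURE_FLAGS = {
    "Intel TDX host support": "tdx_host_platform",
    "Intel TDX guest (inside a Trust Domain)": "tdx_guest",
    "Intel SGX": "sgx",
    "SGX flexible launch control": "sgx_lc",
    "Total Memory Encryption": "tme",
    "AES-NI": "aes",
    "CET shadow stack": "user_shstk",
    "CET indirect branch tracking": "ibt",
}

# What a TDX host on this class of server should expose (assumption).
REQUIRED_HOST = ["tdx_host_platform", "sgx", "sgx_lc", "tme"]


def parse_cpuinfo(text: str) -> list[set[str]]:
    """Return one set of flags per 'processor' stanza."""
    cpus: list[set[str]] = []
    current: set[str] | None = None
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "processor":
            current = set()
            cpus.append(current)
        elif key == "flags" and current is not None:
            current.update(value.split())
    return cpus


def inventory(text: str, required: list[str]) -> dict:
    """Report which features every CPU has, which are only partially reported,
    and which required flags are missing."""
    cpus = parse_cpuinfo(text)
    if not cpus:
        raise ValueError("no processor stanzas found")
    common = set.intersection(*cpus)   # flags every CPU reports
    union = set.union(*cpus)           # flags any CPU reports
    return {
        "cpus": len(cpus),
        "present": {name: flag in common for name, flag in FEATURE_FLAGS.items()},
        "inconsistent": sorted(union - common),
        "missing_required": [flag for flag in required if flag not in common],
    }


def classify(text: str) -> str:
    """Tell a TDX host apart from an OS running inside a TD."""
    common = set.intersection(*parse_cpuinfo(text))
    if "tdx_guest" in common:
        return "tdx-guest"
    if "tdx_host_platform" in common:
        return "tdx-host"
    return "no-tdx"


# Constructed samples: a two-CPU host stanza set and a guest inside a TD.
SAMPLE_HOST = """\
processor\t: 0
vendor_id\t: GenuineIntel
model name\t: Intel(R) Xeon(R) Gold 6530
flags\t\t: fpu vme aes avx512f amx_tile sgx sgx_lc tme tdx_host_platform user_shstk ibt
processor\t: 1
vendor_id\t: GenuineIntel
model name\t: Intel(R) Xeon(R) Gold 6530
flags\t\t: fpu vme aes avx512f amx_tile sgx sgx_lc tme tdx_host_platform user_shstk ibt
"""
SAMPLE_GUEST = """\
processor\t: 0
flags\t\t: fpu vme aes avx512f amx_tile tdx_guest
"""

if __name__ == "__main__":
    with open("/proc/cpuinfo") as fh:          # real run; samples above are for offline use
        report = inventory(fh.read(), REQUIRED_HOST)
    for name, ok in report["present"].items():
        print(f"{'OK ' if ok else '-- '}{name}")
    if report["missing_required"]:
        print("missing required flags:", report["missing_required"])
```

Run it on the provisioned host after first boot and keep the output with the deployment record: a missing `tme` or `sgx` flag usually points at a firmware setting, and the guest/host classification is a quick check that an attestation agent is running where you think it is.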
HIPAA and Regulatory Compliance
OpenMetal is HIPAA compliant at the organizational level and offers BAAs for covered entities. The TDX layer provides infrastructure-level PHI isolation that supports HIPAA technical safeguard requirements around access controls and data integrity — though TDX alone does not make a deployment HIPAA-compliant; application-layer controls, audit logging, and encryption in transit remain the operator’s responsibility.
XXL v4 TDX Edition servers in Ashburn, Virginia are hosted in the NTT DATA VA1 facility, which holds HIPAA, SOC1/2 Type II, ISO 27001, PCI DSS, and NIST 800-53 HIGH certifications at the facility-operator level. Los Angeles (Digital Realty LAX10): SOC2, SOC3, ISO 27001, and PCI DSS — HIPAA compliance for Los Angeles is at the OpenMetal organizational level only. Amsterdam (Digital Realty AMS3): SOC1/2, PCI-DSS, ISO 27001, ISO 50001, and ISO 22301 at the facility-operator level. Singapore (Digital Realty SIN10): BCA Green Mark Platinum.
Recommended Workloads on the XXL v4 TDX Edition
Regulated financial services and transaction processing
Payment processing pipelines, trading systems, and financial analytics running under PCI DSS or SOC 2 scoping benefit from TDX memory isolation that prevents other software on the host from accessing transaction data in memory. High-frequency trading systems and OLTP databases handling payment data can run inside TDX VMs, with SGX enclaves managing the cryptographic key material for signing and encryption — with attestation providing proof to auditors that the key management code was not tampered with at the time of processing.
Healthcare PHI and clinical data workloads
HIPAA-covered workloads processing PHI — EHR systems, clinical analytics, medical imaging pipelines — can use TDX Trust Domains to isolate patient data processing from the host environment. OpenMetal’s BAA covers the infrastructure layer. The XXL v4’s 2TB memory pool supports large clinical databases and in-memory analytics over patient datasets without requiring data to leave the Trust Domain for computation.
Multi-tenant SaaS with hardware data isolation
SaaS operators building products for regulated industries (legal, financial, healthcare) can use TDX VMs to provide customers with provable hardware-level data isolation. Each tenant’s VM operates in its own Trust Domain with a unique encryption key — isolation that software-only solutions cannot provide. Attestation reports can be provided to customers as evidence of isolation configuration, enabling contractual commitments around data handling that go beyond shared-tenancy cloud guarantees.
Key management and cryptographic infrastructure
SGX enclaves on the XXL v4 support open-source HSM-equivalent key management (HashiCorp Vault with SGX backend, Microsoft Azure Attestation-compatible services, or custom enclave applications). The 128 GB EPC allows large in-enclave key derivation trees and multi-party computation workloads without EPC paging. TDX VMs can consume keys from SGX enclaves via local attestation, creating an end-to-end hardware-trusted key management and usage chain.
Sovereign cloud and data residency workloads
Organizations with data residency requirements (EU GDPR, German BSI, healthcare data localization laws) deploying in OpenMetal’s Ashburn (US-East) or Amsterdam (EU-West) regions can use TDX attestation to demonstrate that workload memory is processed only within the physical boundary of the specified data center. The fixed-colocation model — hardware in a known facility, no live migration — supports sovereignty claims that public cloud elasticity models complicate.
Confidential machine learning and federated inference
ML inference pipelines processing sensitive input data (medical records, financial data, biometrics) can run inside TDX VMs, ensuring that inference inputs and model weights are not accessible to the infrastructure operator. Federated learning nodes can use SGX enclaves for secure aggregation, with attestation proving that gradient aggregation code has not been modified before other participants contribute data. The XXL v4’s AMX and AVX-512 hardware accelerators are available inside TDX VMs without hypervisor abstraction overhead.
Ready to Deploy a Confidential Computing Environment?
TDX is active at base config — no upgrade quote needed. Tell us about your isolation requirements and we’ll help you configure the right XXL v4 TDX deployment.
XXL v4 TDX Edition Deployment Options
Bare Metal Dedicated Server — TDX Active by Default
Deploy the XXL v4 with TDX active at the base 2048GB configuration. Full root access, IPMI remote management, and dedicated hardware — your workloads run on hardware no other customer touches. OpenMetal provisions with your choice of TDX-compatible OS image.
- TDX-capable OS images: Linux distributions with KVM TDX support available at provisioning; bring your own image via IPMI
- IPMI access included: Out-of-band management for OS reinstalls, remote KVM, and power control without breaking TDX isolation
- Fixed monthly pricing: Lock pricing for up to five years
- Ramp pricing: Available for migrations from environments where TDX enablement required hardware changes or configuration downtime
→ View pricing: openmetal.io/bare-metal-pricing
Available across OpenMetal’s Tier III data center locations. Fixed monthly pricing applies regardless of utilization. No per-hour, per-query, or per-GB billing.
Where to deploy
| Location | Region | Certifications | Location Page |
|---|---|---|---|
| Ashburn, VA | US-East | SOC 1/2 Type II, ISO 27001, PCI DSS, NIST 800-53 HIGH, HIPAA (facility-level) | Ashburn |
| Los Angeles, CA | US-West | SOC 2, SOC 3, ISO 27001, PCI DSS | Los Angeles |
| Amsterdam | EU-West | SOC 1/2, PCI-DSS, ISO 27001, ISO 50001, ISO 22301 | Amsterdam |
| Singapore | Asia | BCA Green Mark Platinum | Singapore |
Get an XXL v4 TDX Edition Quote
Tell us about your infrastructure needs and we’ll provide a custom quote for the XXL v4 TDX Edition.
- Bare metal TDX: Single-server with Trust Domain Extensions enabled, full IPMI access, HIPAA BAA available
- Hosted Private Cloud: Three-node cluster with TDX-active hardware and Day 2 ops included
- Custom configurations: RAM upgrades up to 8192GB (TDX remains active), additional NVMe drives (up to 24 bays)
- HIPAA BAA: Available for healthcare and regulated workloads at all locations
Ramp pricing available for migrations. All deployments include fixed monthly pricing, 99.96%+ network SLA, and DDoS protection.
Specifications, pricing, and availability are subject to change without notice. The information on this page is provided for general guidance and does not constitute a contractual commitment. Contact OpenMetal for current configuration details and pricing. AWS specifications and pricing are sourced from publicly available documentation and may not reflect current rates or configurations.