'DC' family general purpose VM size series
Applies to: ✔️ Linux VMs ✔️ Windows VMs ✔️ Flexible scale sets ✔️ Uniform scale sets
Note
'DC' family VMs are specialized for confidential computing scenarios. If your workload doesn't require confidential compute and you're looking for general purpose VMs with similar specs, consider the the standard D-family size series.
The 'DC' sub-family of VM size series are one of Azure's security focused general purpose VM instances. They're designed for confidential computing with enhanced data protection and code confidentiality, featuring hardware-based Trusted Execution Environments (TEEs) with Intel's Software Guard Extensions (SGX). These VMs are ideal for handling highly sensitive data that demands isolation from the host environment, such as in scenarios involving secure enclaves for processing private data, financial transactions, and personally identifiable information (PII), ensuring a higher level of security for critical applications.
Workloads and use cases
Confidential Computing: They support secure enclave technology using Intel SGX, which allows parts of the VM memory to be isolated from the main operating system. This enclave securely processes sensitive data, ensuring that it is protected even from privileged users and underlying system software.
Data Protection: DC-series VMs are ideal for applications that manage, store, and process sensitive data, such as personal identifiable information (PII), financial data, health records, and other types of confidential information. The hardware-based encryption ensures that data is protected at rest and during processing.
Regulatory Compliance: For businesses that need to comply with stringent regulatory requirements for data privacy and security (like GDPR, HIPAA, or financial industry regulations), DC-series VMs provide a hardware-assured environment that can help meet these compliance demands.
Series in family
DCsv2-series
The DCsv2-series virtual machines help protect the confidentiality and integrity of your data and code while it’s processed in the public cloud. DCsv2-series leverage Intel® Software Guard Extensions (SGX), which enable customers to use secure enclaves for protection. These machines are backed by 3.7 GHz Intel® Xeon E-2288G (Coffee Lake) with SGX technology. With Intel® Turbo Boost Max Technology 3.0 these machines can go up to 5.0 GHz.
View the full DCsv2-series page.
Part | Quantity Count Units |
Specs SKU ID, Performance Units, etc. |
---|---|---|
Processor | 1 - 8vCores | Intel® Xeon® E-2288G (Coffee Lake) |
Memory | 4 - 32GiB | |
Data Disks | 1 - 8Disks | |
Network | 1NIC | |
Accelerators | None |
DCsv3 and DCdsv3-series
The DCsv3 and DCdsv3-series Azure Virtual Machines help protect the confidentiality and integrity of your code and data while they're being processed in the public cloud. By using Intel® Software Guard Extensions and Intel® Total Memory Encryption - Multi Key, customers can ensure their data is always encrypted and protected in use. These machines are powered by 3rd Generation Intel® Xeon Scalable processors, and use Intel® Turbo Boost Max Technology 3.0 to reach 3.5 GHz. With this generation, CPU Cores have increased 6x (up to a maximum of 48 physical cores). Encrypted Memory (EPC) has increased 1500x to 256 GB. Regular Memory has increased 12x to 384 GB. All these changes substantially improve the performance and unlock entirely new scenarios.
View the full DCsv3 and DCdsv3-series page.
Part | Quantity Count Units |
Specs SKU ID, Performance Units, etc. |
---|---|---|
Processor | 1 - 48vCores | Intel® Xeon® 8370C (Cooper Lake) |
Memory | 8 - 384GiB | |
Data Disks | 4 - 32Disks | |
Network | 2 - 8NICs | |
Accelerators | None |
DCasv5 and DCadsv5-series
These confidential VMs use AMD's third-Generation EPYCTM 7763v processor in a multi-threaded configuration with up to 256 MB L3 cache. These processors can achieve a boosted maximum frequency of 3.5 GHz. Both series offer Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP). SEV-SNP provides hardware-isolated VMs that protect data from other VMs, the hypervisor, and host management code. Confidential VMs offer hardware-based VM memory encryption. These series also offer OS disk pre-encryption before VM provisioning with different key management solutions.
View the full DCasv5 and DCadsv5-series page.
Part | Quantity Count Units |
Specs SKU ID, Performance Units, etc. |
---|---|---|
Processor | 2 - 96vCores | AMD EPYCTM 7763v (Milan) |
Memory | 8 - 384GiB | |
Data Disks | 4 - 32Disks | 3750 - 450000IOPS / 82 - 4000MBps |
Network | 2 - 8NICs | 3000 - 20000Mbps |
Accelerators | None |
DCas_cc_v5 and DCads_cc_v5-series
Confidential child capable VMs allow you to borrow resources from the parent VM you deploy, to create AMD SEV-SNP protected child VMs. The parent VM has almost complete feature parity with any other general purpose Azure VM (for example, D-series VMs). This parent-child deployment model can help you achieve higher levels of isolation from the Azure host and parent VM. These confidential child capable VMs are built on the same hardware that powers our Azure confidential VMs. Azure confidential VMs are now generally available.
View the full DCas_cc_v5 and DCads_cc_v5-series page.
Part | Quantity Count Units |
Specs SKU ID, Performance Units, etc. |
---|---|---|
Processor | 4 - 96vCores | AMD EPYCTM |
Memory | 16 - 384GiB | |
Data Disks | 8 - 32Disks | 6400 - 80000IOPS / 144-1600MBps |
Network | 2 - 8NICs | |
Accelerators | None |
DCesv5 and DCedsv5-series
The DCesv5-series and DCedsv5-series are Azure confidential VMs that can be used to protect the confidentiality and integrity of your code and data while it's being processed in the public cloud. Organizations can use these VMs to seamlessly bring confidential workloads to the cloud without any code changes to the application.
These machines are powered by Intel® 4th Generation Xeon® Scalable processors with Base Frequency of 2.1 GHz, All Core Turbo Frequency of reach 2.9 GHz and Intel® Advanced Matrix Extensions (AMX) for AI acceleration.
Featuring Intel® Trust Domain Extensions (TDX), these VMs are hardened from the cloud virtualized environment by denying the hypervisor, other host management code and administrators access to the VM memory and state. It helps to protect VMs against a broad range of sophisticated hardware and software attacks.
These VMs have native support for confidential disk encryption meaning organizations can encrypt their VM disks at boot with either a customer-managed key (CMK), or platform-managed key (PMK). This feature is fully integrated with Azure KeyVault or Azure Managed HSM with validation for FIPS 140-2 Level 3.
View the full DCesv5 and DCedsv5-series page.
Part | Quantity Count Units |
Specs SKU ID, Performance Units, etc. |
---|---|---|
Processor | 2 - 96vCores | Intel® Xeon® Scalable |
Memory | 8 - 384GiB | |
Data Disks | 4 - 32Disks | 3750 - 120000IOPS / 80 - 4000MBps |
Network | 2 - 8NICs | 3000 - 30000Mbps |
Accelerators | None |
Previous-generation DC family series
For older sizes, see previous generation sizes.
Other size information
List of all available sizes: Sizes
Pricing Calculator: Pricing Calculator
Information on Disk Types: Disk Types
Next steps
Learn more about how Azure compute units (ACU) can help you compare compute performance across Azure SKUs.
Check out Azure Dedicated Hosts for physical servers able to host one or more virtual machines assigned to one Azure subscription.
Learn how to Monitor Azure virtual machines.
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for