Demystifying AMD SEV Performance Penalty for NFV Deployment

Syafiq Al Atiiq, Aris Cahyadi Risdianto

TL;DR

The paper addresses securing NFV in public-cloud environments by evaluating AMD SEV-SNP as a practically deployable alternative to Intel SGX. It builds SEV-IDS by running an unmodified Snort IDS inside an SEV-SNP confidential VM and benchmarks it against an SGX-based SEC-IDS baseline, measuring a penalty of roughly 20% relative to native execution. The work shows that VM-level memory encryption and attestation can protect network function (NF) components with no application code changes, trading a modest, predictable slowdown for much simpler deployment than an enclave port. The findings matter for operators who want virtualization-based protection of NFs in public clouds without re-engineering each NF for an enclave.

Abstract

Network Function Virtualization (NFV) has shifted communication networks towards more adaptable software solutions, but this transition raises new security concerns, particularly in public cloud deployments. While Intel's Software Guard Extensions (SGX) offers a potential remedy, it requires complex application adaptations. This paper investigates AMD's Secure Encrypted Virtualization (SEV) as an alternative approach for securing NFV. SEV encrypts virtual machine (VM) memory, protecting it from threats, including those at the hypervisor level, without requiring application modifications. We explore the practicality and performance implications of executing native network function (NF) implementations in AMD SEV-SNP, the latest iteration of SEV. Our study focuses on running an unmodified Snort NF within SEV. Results show an average performance penalty of approximately 20% across various traffic and packet configurations, demonstrating a trade-off between security and performance that may be acceptable for many NFV deployments.
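The abstract's security argument rests on two SEV-SNP properties: guest memory is encrypted with a key the hypervisor never sees, and the guest can obtain a firmware-signed attestation report that a relying party (here, whoever deploys the NF) verifies before trusting the VM. The following Python is an added example, not code from the paper or from Snort; it parses an SEV-SNP attestation report using the field offsets from the ATTESTATION_REPORT table of the SEV-SNP firmware ABI specification and applies the checks a deployer should make before handing traffic to an NF in the VM, in particular that the guest policy does not have the DEBUG bit set (which would let the hypervisor decrypt guest memory) and that the report carries the nonce the verifier supplied. The sample report bytes are constructed for this example and unsigned; a real report is obtained inside the guest via the SNP_GET_REPORT ioctl on /dev/sev-guest, and its ECDSA P-384 signature must additionally be verified against the chip's VCEK certificate from AMD's Key Distribution Service, which this example assumes has already happened. Function names and the TCB floor values are the example's own choices.

```python
"""Parse an AMD SEV-SNP attestation report and apply relying-party policy checks.

Offsets follow the SEV-SNP firmware ABI ATTESTATION_REPORT layout: a 0x2A0-byte
signed body followed by a 512-byte signature (1184 bytes total). Signature
verification against the VCEK is assumed to have been done by the caller.
"""
import hashlib
import struct

REPORT_SIZE = 0x4A0  # 0x2A0 signed body + 512-byte signature

# Guest policy bits (u64 at offset 0x08 of the report)
POLICY_SMT = 1 << 16            # SMT allowed
POLICY_RESERVED_ONE = 1 << 17   # must be 1 in a well-formed policy
POLICY_MIGRATE_MA = 1 << 18     # migration agent may be associated
POLICY_DEBUG = 1 << 19          # hypervisor may decrypt guest memory: must be 0
POLICY_SINGLE_SOCKET = 1 << 20


def parse_tcb(raw: int) -> dict:
    """Split a TCB_VERSION u64 into its byte-sized component versions."""
    b = raw.to_bytes(8, "little")
    return {"boot_loader": b[0], "tee": b[1], "snp": b[6], "microcode": b[7]}


def make_tcb(boot_loader: int, tee: int, snp: int, microcode: int) -> int:
    """Inverse of parse_tcb, used here only to construct the sample report."""
    return int.from_bytes(bytes([boot_loader, tee, 0, 0, 0, 0, snp, microcode]), "little")


def parse_snp_report(buf: bytes) -> dict:
    """Decode the fields a relying party needs from a raw attestation report."""
    if len(buf) < REPORT_SIZE:
        raise ValueError(f"report too short: {len(buf)} < {REPORT_SIZE}")
    version, guest_svn, policy = struct.unpack_from("<IIQ", buf, 0x00)
    vmpl, sig_algo, current_tcb, plat_info, key_info = struct.unpack_from("<IIQQI", buf, 0x30)
    return {
        "version": version,
        "guest_svn": guest_svn,
        "policy": policy,
        "family_id": buf[0x10:0x20],
        "image_id": buf[0x20:0x30],
        "vmpl": vmpl,
        "sig_algo": sig_algo,
        "current_tcb": parse_tcb(current_tcb),
        "platform_info": plat_info,
        "author_key_en": key_info & 1,
        "report_data": buf[0x50:0x90],      # 64 bytes supplied by the guest (our nonce hash)
        "measurement": buf[0x90:0xC0],      # 48-byte launch digest of the guest image
        "host_data": buf[0xC0:0xE0],
        "id_key_digest": buf[0xE0:0x110],
        "author_key_digest": buf[0x110:0x140],
        "report_id": buf[0x140:0x160],
        "reported_tcb": parse_tcb(struct.unpack_from("<Q", buf, 0x180)[0]),
        "chip_id": buf[0x1A0:0x1E0],
        "committed_tcb": parse_tcb(struct.unpack_from("<Q", buf, 0x1E0)[0]),
        "launch_tcb": parse_tcb(struct.unpack_from("<Q", buf, 0x1F0)[0]),
        "signature": buf[0x2A0:0x4A0],
    }


def check_report(report: dict, nonce: bytes, expected_measurement: bytes, min_tcb: dict) -> list:
    """Return the list of reasons to reject the report; an empty list means accept."""
    problems = []
    pol = report["policy"]
    if pol & POLICY_DEBUG:
        problems.append("DEBUG policy bit set: hypervisor can decrypt guest memory")
    if not pol & POLICY_RESERVED_ONE:
        problems.append("policy bit 17 clear: malformed guest policy")
    if pol & POLICY_MIGRATE_MA:
        problems.append("MIGRATE_MA set: a migration agent may access guest state")
    # Freshness: REPORT_DATA must carry the hash of the nonce we sent into the guest
    if report["report_data"] != hashlib.sha512(nonce).digest():
        problems.append("REPORT_DATA does not match our nonce: replayed or foreign report")
    if report["measurement"] != expected_measurement:
        problems.append("launch measurement does not match the expected NF image")
    if report["vmpl"] != 0:
        problems.append(f"report requested from VMPL {report['vmpl']}, expected VMPL 0")
    for comp, floor in min_tcb.items():
        if report["reported_tcb"][comp] < floor:
            problems.append(f"{comp} version {report['reported_tcb'][comp]} below floor {floor}")
    return problems


def build_sample_report(policy: int, nonce: bytes, measurement: bytes) -> bytes:
    """Constructed, unsigned sample report for this example (not firmware output)."""
    buf = bytearray(REPORT_SIZE)
    struct.pack_into("<IIQ", buf, 0x00, 2, 1, policy)            # version 2, guest_svn 1
    tcb = make_tcb(boot_loader=3, tee=0, snp=8, microcode=0x73)
    struct.pack_into("<IIQQI", buf, 0x30, 0, 1, tcb, 0, 0)       # VMPL 0, ECDSA P-384
    buf[0x50:0x90] = hashlib.sha512(nonce).digest()
    buf[0x90:0xC0] = measurement
    struct.pack_into("<Q", buf, 0x180, tcb)                       # reported_tcb
    return bytes(buf)


if __name__ == "__main__":
    nonce = b"nf-attest-nonce-0001"            # constructed
    image_digest = bytes(range(48))            # constructed stand-in for the NF image measurement
    floors = {"snp": 8, "microcode": 0x73}
    for name, pol in (("sane", POLICY_RESERVED_ONE | POLICY_SMT),
                      ("debug", POLICY_RESERVED_ONE | POLICY_SMT | POLICY_DEBUG)):
        r = parse_snp_report(build_sample_report(pol, nonce, image_digest))
        print(name, check_report(r, nonce, image_digest, floors) or "accepted")
```

The nonce goes into REPORT_DATA when the guest requests the report, so a report that does not echo the verifier's own nonce is rejected regardless of its other fields; that is what prevents a compromised host from replaying an old report from a genuine SEV-SNP guest. The TCB floors are where platform firmware advisories get enforced: raise the `snp` and `microcode` minimums when AMD publishes fixed versions.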

Paper Structure (22 sections, 12 figures, 2 tables)

Figures (12)

  • Figure 1: Threat model: A single physical machine perspective.
  • Figure 2: Threat model: A Cloud's perspective.
  • Figure 3: Measurement scenario
  • Figure 4: Flow=1
  • Figure 5: Flows=16
  • ...and 7 more figures