x86-64-v2-AES is a QEMU/KVM CPU model that includes the AES-NI (Advanced Encryption Standard New Instructions) instruction set, which accelerates encryption and decryption operations.
For Intel Xeon processors supporting the LGA 2011 socket (such as the Xeon E5-2640 v2), the x86-64-v2-AES CPU type is supported only if the CPU supports the required instruction sets.
- LGA 2011 Xeon processors (e.g., Xeon E5-2640 v2) based on the Ivy Bridge-EP or Haswell-EP microarchitectures do support:
- SSE4.1, SSE4.2, SSSE3, POPCNT
- AES-NI (AES instruction set) – confirmed in the LGA 2011 specifications.
Therefore, yes, the Xeon processors on LGA 2011 sockets support x86-64-v2-AES, as they meet the minimum requirements:
- Intel CPU ≥ Westmere (for x86-64-v2-AES)
- LGA 2011 Xeons (Ivy Bridge-EP and Haswell-EP) are well beyond Westmere, so they are fully compatible.
✅ Conclusion: You can safely use x86-64-v2-AES as a CPU type for virtual machines running on LGA 2011 Xeon hosts. It will enable AES-NI acceleration, improving performance for encryption-heavy workloads.
⚠️ Note: While x86-64-v2-AES is safe and beneficial, using "host" CPU type may provide slightly better performance (if live migration is not needed), but it limits portability across different CPU generations.