A secure enclave is a software isolation mechanism that is finer grained than that offered by VMs.
Until SGX is commercially available, the state of the art for software isolation in existing microprocessors is ARM Trustzone,8 implemented in most newer ARM chips.