Intel vPro Lays Security Groundwork For Desktop PCs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Hardware & Infrastructure

Intel vPro Lays Security Groundwork For Desktop PCs

The support of vendors like IBM, HP, and Cisco is key to Intel becoming a major provider of security technology in the corporations, analysts suggest.

Security in desktop PCs has long been a function of software, but with Intel's new vPro platform the chipmaker is looking to reduce vulnerabilities by taking the battle against viruses and malicious code to the hardware.

VPro, unveiled on Monday, offers a host of security features that try to batten down the hatches when a virus storm lashes the network. In addition, version 2 of the platform released last year includes management features that if exploited by software vendors would give IT staff better control over corporate desktops.

The support of software vendors is key to Intel becoming a major provider of security technology in the corporations. "The various pieces of the ecosystem -- operating system, hardware, and virtualization -- basically need to be on the same page, and that can be difficult," Gordon Haff, analyst for Illuminata, told InformationWeek. "In general, features in hardware are going to have to be exploited by software."

But without security built into the CPU and surrounding chipset, desktops won't be as secure as possible. "If you just go with software, then somebody will get to (the computer)," Jim McGregor, analyst for In-Stat, said.

The latest vPro platform is comprised of the Intel Core 2 Duo processor and the Q35 Express chipset. New to the platform is what Intel calls Trusted Execution Technology (TXT), which is mostly about offering software developers the option of programming to features in the chipset that protect applications once a virus or other malicious code has invaded a desktop system. The features include booting software into a known, trusted state set when the application is first installed, preventing compromised software from being launched.

TXT also offers assigned memory partitions, so an application can be launched into its own sandbox, inaccessible from other software or hardware. The third key security feature prevents access to data that's left in memory, a processor cache, or elsewhere in the system when software is closed or crashes.

Security features hard-coded into vPro, which means they are automatically deployed, are part of the platform's management capabilities, which Intel calls Active Management Technology. The new features involve the filtering of outbound traffic from a system.

If AMT notices an excessive number of new connection attempts from a single port or a group of ports, then the technology isolates the desktop's operating system by dropping all communications with other systems and applications on the network. However, it maintains communications with an IT department's software management console, such as in Hewlett-Packard's OpenView, or IBM's Tivoli. This potentially prevents a virus that has reproduced itself in an infected machine from spreading on the network, Intel said.

The vPro processor technology also offers an embedded agent that can be exploited by users of Cisco Systems' "self-defending network" products. Essentially, Cisco networking equipment can be configured to use the agent to check whether a desktop logging on to a corporate system has an approved version of the operating system, the right type of anti-virus software and the current set of patches.

Intel claims that despite adding all the new features to vPro, the technology uses less power than last year's version. The CPU idle power has been reduced by more than 60%, and the chipset's idle power and maximum power for full operation has been cut by more than 50%, Gregory Bryant, VP and general manager of Digital Office Platform Division, said.

The professional, or corporate, version of Intel's notebook platform, called Centrino Pro, is available, but without any of the new features in the desktop version. A Centrino Pro version that's "roughly equivalent" to the latest rev of vPro is codenamed Montevina and set for release in the first half of next year, Bryant said.

Major computer makers and channel resellers are now selling desktops with the new vPro processor, Intel said. The chipmaker also said that 350 companies were deploying the technology worldwide.

Nevertheless, McGregor cautioned that adoption will be gradual, given that before the technology's full potential can be used, every current desktop in a corporation would have to be replaced, which means many companies won't adopt vPro until their ready to replace their current PCs. "It's important (to companies) in the long term, but not necessarily in the short term," McGregor said of vPro.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Can Low Code Measure Up to Tomorrow's Programming Demands?
Joao-Pierre S. Ruth, Senior Writer,  11/16/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll