Tuesday, August 28, 2007

Intel Ramps Up Security in New vPro for Desktops

Intel's upgrade of its vPro processor technology adds Intel Trusted Execution Technology, formerly code-named "LaGrande," to protect data within virtualized computing environments. The version's updated system defense filters can identify more threats in the network traffic flow.



Intel (Nasdaq: INTC) has upgraded its vPro processor technology for desktop PCs with a host of new security features that protect against viruses, hacker attacks and other threats, the company announced Monday.

The upgraded vPro, formerly code-named "Weybridge," combines an Intel Core 2 Duo processor with an Intel Q35 Express chipset and several technology innovations. One new feature added, for example, is the ability to "wake and repair" a computer with an inoperative operating system or hard drive -- something that previously couldn't be done, Intel said.

"Today, the business desktop PC just got more secure," said Robert Crooke, vice president and general manager of Intel's business client group. "This generation of Intel vPro processor technology arrives with new security and management capabilities along with support from every leading PC manufacturer and software solution vendor in the world."


Reduced Vulnerability
Computer makers including Dell (Nasdaq: DELL) , HP (NYSE: HPQ) and Lenovo are using Intel's vPro technology, which originally debuted last year, in their machines.

This new generation of the technology adds Intel Trusted Execution Technology (TXT), formerly code-named "LaGrande," to protect data within virtualized computing environments. When used with Intel's Virtualization Technology for Directed I/O, the hardware-based protection isolates assigned memory to make virtual machine monitors less vulnerable to attacks that most software-based solutions can't detect.

The vPro's improved system defense filters can identify more threats in the network traffic flow. An embedded trust agent certified by Cisco (Nasdaq: CSCO) , meanwhile, provides "the industry's only 802.1x-compatible manageability solution" not dependent on operating system availability, Intel says.

DASH Compatibility
PCs that have crashed or been turned off can be repaired using the newest generation of Intel Active Management Technology, which includes remote configuration tools and compliance with the latest industry standards.

In fact, PCs with this vPro version will be among the first to comply with the Distributed Management Task Force's DASH 1.0 draft interoperability specification and Web Services Management (WS-MAN), Intel said.

Finally, by increasing performance by 30 percent over the previous generation while reducing power consumption, the new vPro technology will also deliver improvements in energy efficiency, Intel said.

"Security and client management are top concerns for our customers' business," said Kevin Frost, worldwide vice president of HP Business PCs. "To address these customer demands, HP remains committed to supporting Intel vPro processor technology."

Behavior Analysis
By searching for behavior patterns rather than signatures, the vPro's new security features improve on those commonly found in many other offerings, Roger Kay, president of Endpoint Technologies, told TechNewsWorld.

"This lets you prevent zero-day attacks for which there is no known signature because they have never been seen," he explained. "Signature analysis doesn't help you when you're attacked by something that's never been seen before."

Instead, the technology watches for behaviors like a program that suddenly starts probing all the ports in a system, or that bombards a port with thousands of inquiries in rapid succession. "No legitimate program would behave that way," Kay explained.

A Gradual Evolution
Intel's incorporation of industry standards is also encouraging, as is the fact that it's continuing to enhance the features it began with rather than starting from scratch in the new generation, Jim McGregor, research director and principal analyst with In-Stat, told TechNewsWorld.

Early adopters of the technology will likely be IT outsourcers such as IBM (NYSE: IBM) and EDS, McGregor said, which will probably be able to integrate on a large scale faster than most enterprises can.

Given that much of the industry "hasn't really woken up to the huge issue of security," however, the vPro's biggest benefits likely won't be realized for a few years, McGregor said. "Will this mean a huge short-term gain for Intel or its customers?" he asked. "No -- it's an evolutionary thing that will become more important as we go along."