Get Proactive Security on the Chip for Defense in Depth
Adopt a proactive security posture, with hardware-based protection from data loss that continually analyzes the environment to guard against attack. Because these capabilities reside on the chip, they continue to work even if the operating system becomes non-functional. Improve time-to-compliance for software by up to 95 percent on desktop PCs, decreasing the window of vulnerability to new threats.1,2
Intel® Centrino® with vPro™ Technology and Intel® Core™2 Processor with vPro™ Technology offer you the ability to continuously scan and isolate compromised PCs from the network, and then repair and reconnect them remotely. Verify the presence of security agents, and improve the distribution of security software. Hardware-based features working with your existing software applications can deliver a more robust solution than with software-based security alone.
Identify and isolate threats¹
Guard your sensitive dat—by harnessing the power of protected virtualization with Intel® Virtualization Technology and Intel® Trusted Execution Technology, which provide a more secure, tamper-resistant, isolated environment for IT3.
Identify threats before they happen—with enhanced system defense filters that identify malicious patterns in network traffic to alert the system to attacks.1 Because these filters are hardware-based, they remain operational even if the system's security agents are compromised or unresponsive.
Isolate compromised PCs—to contain threats by automatically disconnecting affected machines from OS-based network communications. And since IT can still communicate through the hardware-based out-of-band communication channel, PCs can be diagnosed and repaired, then brought back onto the network using an IT management console1.
Verify and improve reliability of security agents¹
Monitor third-party security software—with regular, programmable "heartbeat" presence checking, which uses a "watchdog" timer so business-critical applications can check in with the management engine at one-second intervals to confirm that the agent is still active.
Help protect antivirus signatures and other security data—in a tamper-resistant nonvolatile memory store that is protected by an Access Control List.
Improve protection of security software¹
Step up your vigilance against viruses and worms>—with Execute Disable Bit4 functionality that provides hardware-assisted virus protection against a whole class of viruses and worms.
Deploy security patches and remote updates—to your networked business PCs even if they are powered down or inoperable, reducing deskside visits, increasing your workforce efficiency, and ensuring that your PCs do not remain vulnerable to attack1.
1 Intel® Active Management Technology (Intel® AMT) requires the computer system to have an Intel® AMT-enabled chipset, network hardware and software, as well as connection with a power source and a corporate network connection. Setup requires configuration by the purchaser and may require scripting with the management console or further integration into existing security frameworks to enable certain functionality. It may also require modifications of implementation of new business processes. For more information, see www.intel.com/technology/platform-technology/intel-amt/.
2 Results shown are from the 2007 EDS Case Studies with Intel® Core™2 Processor with vPro™ Technology, by LeGrand and Salamasick, 3rd party audit commissioned by Intel, of various enterprise IT environments. The studies compare test environments of Intel® Core™2 Processor with vPro™ Technology equipped PCs vs non-Intel® Core™2 Processor with vPro™ Technology environments. Tested PCs were in multiple OS and power states to mirror a typical working environment. Actual results may vary. For more information, see www.intel.com/business/casestudies/intel_case_studies.pdf (PDF 529KB).
3 No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology requires a computer system with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). The MLE could consist of a virtual machine monitor, an OS or an application. In addition, Intel TXT requires the system to contain a TPM v1.2, as defined by the Trusted Computing Group, and specific software for some uses. For more information, see www.intel.com/technology/security
4 Enabling Execute Disable Bit functionality requires a PC with a processor with Execute Disable Bit capability and a supporting operating system. Check with your PC manufacturer on whether your system delivers Execute Disable Bit functionality.
Hardware meets software
See how Intel's hardware-based technology has made IT management easier. Check out Intel's first-ever music videos, directed by Christopher Guest.
"Always available communications enable delivery of remote updates and patches, accelerating distribution and reducing overall vulnerability. Enterprise-wide actions like mass shutdown can be performed during off hours as an automatic process."
EDS Pilot Test Team²
The center of an industry-wide initiative
Learn how Intel processor technology provides an ideal foundation for software solutions designed by leading software makers. Explore the ecosystem
Intel community
Hear the latest podcast or webcast, and join in on the IT@Intel blog and other community programs. View Intel IT community resources
Print
Email
