Skip To Main Content
Intel logo - Return to the home page
My Tools

Select Your Language

  • Bahasa Indonesia
  • Deutsch
  • English
  • Español
  • Français
  • Português
  • Tiếng Việt
  • ไทย
  • 한국어
  • 日本語
  • 简体中文
  • 繁體中文
Sign In to access restricted content

Using Intel.com Search

You can easily search the entire Intel.com site in several ways.

  • Brand Name: Core i9
  • Document Number: 123456
  • Code Name: Emerald Rapids
  • Special Operators: “Ice Lake”, Ice AND Lake, Ice OR Lake, Ice*

Quick Links

You can also try the quick links below to see results for most popular searches.

  • Product Information
  • Support
  • Drivers & Software

Recent Searches

Sign In to access restricted content

Advanced Search

Only search in

Sign in to access restricted content.
  1. Intel Contributes to Zero Trust

The browser version you are using is not recommended for this site.
Please consider upgrading to the latest version of your browser by clicking one of the following links.

  • Safari
  • Chrome
  • Edge
  • Firefox

How Intel Contributes to Zero Trust

Establishing an advanced security approach to protect infrastructure, people and data.

Traditional security approaches, with secure perimeters and users/devices granted trust once inside, are no longer effective. Remote work, edge processing, hybrid environments, and sophisticated attacks have shown that credentials can be compromised, firewalls can be breached.

Businesses and governments are moving to Zero Trust, a modern framework to protect infrastructure, people, and data based on the belief that no user or asset is inherently trustworthy.  Each user, asset, application, and transaction must be continuously verified. Zero Trust frameworks typically spell out how verification is handled across Identity, Devices, Networks, Applications/Workloads, and Data.

Zero Trust Principles based on NIST guidelines

 
  1. All data sources and computing services are resources.

  2. All communication is secured regardless of network location.

  3. Access to resources is granted on a per-session basis; trust is verified before access is granted with least privileges needed.

  4. Access to resources is determined by dynamic policy defining resources, who members are, and what access members need.

  5. The enterprise monitors and measures the integrity and security posture of assets. No asset is inherently trusted.

  6. All resource authentication and authorization are dynamic and strictly enforced before access is allowed.

  7. The enterprise collects as much information as possible about assets, network infrastructure and communications and uses it to improve security.

     

The Zero Trust Paradox

While Zero Trust mandates a “never trust” mindset, you must establish something to trust (but verify!) as the basis for your strategy.

Hardware, including the component supply chain, offers that root of trust given its privileged position as the foundation of the compute stack.

Intel delivers products, services, and capabilities that partners and customers use to advance their Zero Trust strategy.

What is Silicon-based Security?

 

Security capabilities physically built in at the silicon level.


Differs from software-based protections in which security measures are installed on top of hardware,
leaving layers located below the OS vulnerable.


Meant to complement software-based security measures rather than replace them.


Result is a multidimensional, comprehensive approach that can detect and prevent a greater range of cyberthreats.

 

 

Establish Your Hardware Root of Trust

Zero Trust principle #4:

Access to resources is determined by dynamic policy defining resources, who members are, and what access members need.


For your Zero Trust strategy to be effective, devices must begin in a known good state and be continually verified that they remain that way.

Questions to answer:

  • Where was your device designed, made, assembled and tested?
  • Was the device you ordered what was delivered? 
  • Did your PC boot to a “known healthy state”?
  • Has your firmware or OS been tampered with?

Intel Product Security Assurance

Intel products are protected by the best security assurance in the industry, as measured by ABI Research.

Intel® Transparent Supply Chain

Tools, policies, and procedures to verify the authenticity of systems and components.

Intel® Device Health

Automated identification of foundational vulnerabilities and targeted patches.

Show more Show less

 

 

Get Your Key Management Right

Zero Trust principle #4:

Access to resources is determined by dynamic policy defining resources, who members are, and what access members need.

 

Cryptographic keys are a foundation of modern cybersecurity, used to perform user authentication and enable sensitive information is accessed only by those with the right credentials.

Questions to answer:

  • How are your keys generated?
  • Do you use approved algorithms for random number generation?
  • Where are your keys stored?
  • Who is allowed access?

Intel® Platform Trust Technology

Credential storage and key management supporting Trusted Computing standards.

Intel® Trusted Platform Module 2.0

Microcontroller that helps store essential, critical information to enable platform authentication.

Intel® Secure Key

High entropy random number generator designed to comply with ANSI/NIST standards. 

Show more Show less

 

 

Isolate Your Sensitive Data and Workloads

Zero Trust principle #5:

The enterprise monitors and measures the integrity and security posture of assets. No asset is inherently trusted.

 

Confidential computing solutions protect sensitive and regulated data through isolation, encryption and control, and verification capabilities, helping unlock opportunities for business collaboration and insights.

Questions to answer:

  • Can you protect data “in use”?
  • Do you have silicon-based isolation and mechanisms to limit damage if breached?
  • Are you using secure enclaves or trusted execution environments?
  • How can you verify the trustworthiness of compute assets?

Intel® Software Guard Extensions

Protects data using trusted enclaves to reduce attack surface and access. 

Intel® Trust Domain Extensions

Enables isolation of guest OS and VMs, removing access from the cloud host, hypervisor, and other VMs.

Intel® Trust Authority

Attests that apps and data are protected on the customer’s platform of choice.

Show more Show less

 

 

Verify Your Device Integrity

Zero Trust principle #4:

Access to resources is determined by dynamic policy defining resources, who members are, and what access members need.

 

Trusting your devices comes down to verifying your devices started in a secure state and have not been tampered with or changed or modified in ways you did not authorize.

Questions to answer:

  • Did your PC boot based on its “known healthy state”?
  • Has your firmware been tampered with?
  • Has your OS been tampered with?
  • Is your firmware up to date?
  • Has your BIOS been modified?

Below-the-OS Security

Intel® vPro®-based devices with Windows OS come with Intel® Hardware Shield* that includes capabilities including the following:

Intel® Trusted Execution Technology 

Intel® BIOS Guard

Intel® Boot Guard

Intel® OS Guard

Intel® Firmware Guard

Firmware Update/Recovery

Intel® Tunable Replica Circuit-Fault Injection Detection 

Intel® Runtime BIOS Resilience

Intel® System Resource Defense

Intel® System Security Report

Show more Show less

 

 

Verify VM and Application Integrity

Zero Trust principle #5:

The enterprise monitors and measures the integrity and security posture of assets. No asset is inherently trusted.

 

With an established hardware root of trust and device integrity, the next area to focus is on is ensuring the things running on our devices are also operating as expected.

Questions to answer:

  • Has your application code been tampered with?
  • Has your VM been tampered with?

Intel® Virtualization Technology

Hardware-assisted virtualization of CPU context, I/O devices, and direct memory access.

Intel® Control-flow Enforcement Technology

Protect against misuse of legitimate code through common control-flow hijacking attacks.

 

 

Enhance Detection with Vulnerability Insights

Zero Trust principle #6:

All resource authentication and authorization are dynamic and strictly enforced before access is allowed.

 

AI and advanced silicon-based telemetry offer unparalleled insights to help you detect and defend against targeted attacks.

Questions to answer:

  • Can you discover zero-day attacks?
  • Can you find hidden malware in memory?
  • Can you detect threats within VMs?
  • Can your device detect anomalous behavior?

Intel® Threat Detection Technology

Provides AI-assisted monitoring and GPU and NPU acceleration to discover advanced attacks that bypass traditional detection methods.

Intel® Device Health

Automates identification of foundational (BIOS, microcode, firmware) vulnerabilities and targeted patches across fleets.

 

 

Use Encryption to Prevent Unwanted Access

Zero Trust principle #2:

All communication is secured regardless of network location.

 

In an environment where a breach is expected, encryption is even more critical to safeguarding sensitive data and ensuring only authorized users have access to information and assets.

Questions to answer:

  • How much damage can adversaries do in your environment?
  • Is your device FIPS 140-2/3 certified?
    • Does it use NIST approved algorithms?
    • Have the crypto algorithms been rigorously tested?
    • Does your encryption work as promised?
    • What happens if you lose physical control of your device?

Intel® Secure Key

Random number generator designed for ANSI/NIST compliance, FIPS 140-2/3 validation. 

Intel® Advanced Encryption Standards New Instructions

Enables pervasive data encryption in areas where previously it was not feasible.

Intel® Total Memory Encryption

Provides memory data protection against physical attacks on lost or stolen devices.

Intel® Quick Assist Technology

Offloads compute-intensive workloads to reduce CPU utilization, improve network and storage application performance

Intel® Crypto Acceleration

Enhancements to significantly increase cryptographic performance, starting with instruction set architecture (ISA)

Show more Show less

 

 

Streamline Device Management

Zero Trust principle #5:

The enterprise monitors and measures the integrity and security posture of assets. No asset is inherently trusted.

 

With the growth of remote work, devices and data are being used in more locations, making it critical to adopt comprehensive remote management.

Questions to answer:

  • Are you able to manage your PCs remotely from a central location?
  • Can you manage them even if they are powered off?

Intel® Active Management Technology

Provides comprehensive remote manageability, even access to a device that is powered-off or non-responsive.

Intel® Endpoint Management Assistant

Enables remote, secure management of devices, inside and outside the firewall, over the cloud.

Why Intel and Zero Trust?

 

Intel is uniquely positioned to help you advance a Zero Trust strategy, when you consider:
 

  • Privileged position, developing leading hardware that is the foundation of the compute stack.

  • Breadth of our product portfolio, covering edge, networks, data center and cloud.

  • Decades of experience developing the gold standard for a technology supply chain.

  • An innovative secure development lifecycle that helps ensure every product is designed with security in mind.

  • Robust security assurance program, recently rated tops among silicon providers, which aims to keep our products secure.

     

Read the 2023 Product Security Report and ABI Research report to learn more about Intel leadership in ongoing security assurance.

 

Getting Started

Transitioning to a Zero Trust Architecture (ZTA) is a process that’s as much about evaluating and addressing risk as physical systems to enhance security. In fact, ZTA cannot be accomplished solely with a wholesale replacement of technology.

Intel technology forms a significant part of a ZTA. We partner with leaders across the security ecosystem who provide a diversity of solutions relevant to all customers’ needs and minimize reliance on sole-source solutions.

When you are ready to get started, visit The Best Defenders for Your Business: A Guide to Intel Cybersecurity Partners to learn more about security ecosystem partners who build zero trust architecture implementations rooted in silicon-based security.

  • Company Overview
  • Contact Intel
  • Newsroom
  • Investors
  • Careers
  • Corporate Responsibility
  • Inclusion
  • Public Policy
  • © Intel Corporation
  • Terms of Use
  • *Trademarks
  • Cookies
  • Privacy
  • Supply Chain Transparency
  • Site Map
  • Recycling
  • Your Privacy Choices California Consumer Privacy Act (CCPA) Opt-Out Icon
  • Notice at Collection

Intel technologies may require enabled hardware, software or service activation. // No product or component can be absolutely secure. // Your costs and results may vary. // Performance varies by use, configuration, and other factors. Learn more at intel.com/performanceindex. // See our complete legal Notices and Disclaimers. // Intel is committed to respecting human rights and avoiding causing or contributing to adverse impacts on human rights. See Intel’s Global Human Rights Principles. Intel’s products and software are intended only to be used in applications that do not cause or contribute to adverse impacts on human rights.

Intel Footer Logo