Intel Lays Hacker Trap

By John G. Spooner  |  Posted 2006-04-26

Intel Lays Hacker Trap

Intel wants to lay a virtual trap for hackers.

The chip maker, which launched its vPro brand for business desktops April 24, aims to increase PC security by stepping up the vPro machines abilities to proactively guard against malware.

The company will employ virtualization technology—which can partition a PC to run different types of software simultaneously—to set up a new type of security checkpoint inside each machine.

That checkpoint, which is expected to be the first of its kind for client PCs when it arrives in vPro Professional PCs in the third quarter, can guard a machine by monitoring network traffic into it and intervening if it exhibits behavior patterns consistent with an infection.

"We had to come up with some better, more proactive, more intelligent [and] more automated ways to defend our systems," said Gregory Bryant, general manager for the Digital Office Platforms Group at Intel, in Santa Clara, Calif.

Setting up the security checkpoint involves using an Intel-written virtualization program to create a separate security partition that stands between the network and the PCs OS, applications and data to stop malware before it reaches the more sensitive areas, Bryant said.

To read more about Intels business desktops, click here.

The action, he said, can augment traditional anti-malware software by acting automatically if it detects an attack—it can shut off the PCs network access, for example—whereas updating anti-virus signatures is a reactive response to a threat.

The partition approach would help speed anti-malware signature distribution to PCs as well, given that anti-malware signatures would only have to be made compatible with the security agent itself, not other types of software.

Symantec, Intels first vPro security partner, will offer a security agent that will reside in the partition, which it says is both more proactive—it will include behavior analysis designed to root out zero-day attacks—and quicker to deploy signatures, said Enrique Salem, senior vice president for consumer products and solutions at Symantec, in Cupertino, Calif.

vPro Professional machines will also come with TPM (Trusted Platform Module) 1.2 chips, which help in such tasks as securing passwords and data.

Next Page: Competition.


Intel, which saw reduced first-quarter earnings, said it views such offerings as the added security and virtualization capabilities as a way to extend the reach of the platforms that are based on the companys chips and fend off rising competition.

Its rival, Advanced Micro Devices, is seeing its market share rise at the expense of Intels and has been increasingly eyeing the business client PC space, a traditional Intel stronghold, as an area to expand in.

Thus, given the need to protect its flank and the desire to nudge customers from its single-core to dual-core desktop processors and the platforms that surround them, Intel needs to "show what can a dual-core [processor] do for PC desktops tomorrow that todays desktops wont be able to do," said Charles King, principal analyst at Pund-IT Research, in Hayward, Calif.

"The concept of creating a virtualized environment or a specific hardware-based partition to secret certain kinds of data and processes [to answer the question] is a novel one. And I think its one thats well worth examining."

Still, Intel doesnt expect all corporations to immediately seize upon vPros security bits.

vPro Professional PCs will also offer management tools designed to simplify PC administration, including streamlining such jobs as software updates, and will use less power than current offerings, Intel executives said.

Thus companies who are most focused on cutting IT costs might be more interested in the management features offered by vPro, Bryant said.

For example, an updated version of Intels Advanced Management Technology will automate software updates and other management tasks that currently often entail a desk-side visit by an IT manager, the company said.

Security software maker Altiris, meanwhile, is working on the first management agent, designed to inhabit the management partition inside vPro PCs for businesses who wish to make it easier to manage their desktops, Bryant said.

However, companies initially will not be able to order a PC with both a security partition and a management partition, and the most advanced features will only come on vPro Professional machines, he said.

Computers sold under the vPro brand will come in two configurations.

A vPro or Professional desktop will come with Intels Conroe chip, a forthcoming dual-core processor, as well as the supporting 965 chip set, which Intel has said will offer beefier graphics and improvements in audio processing, storage and dual-monitor setups.

Ziff Davis Media eSeminars invite: Join this eSeminar at 12:30 p.m. ET on May 3 and learn the real risks and implications of vulnerabilities to your business.

A vPro Fundamental PC will come with Intels Pentium D—its current dual-core chip—and a lesser 900-series chip set, and will lack most of the management technologies found in the Professional-series PCs.

For its part, Conroe will offer a 40 percent performance boost and use 40 percent less power than the Pentium D, Intel has said, giving vPro Professional PCs greater energy efficiency.

PC manufacturers, including Dell, Gateway, Hewlett-Packard and Lenovo, will offer PCs based on the new platform.

Systems will begin sampling in the second quarter, though vPro desktops arent expected to hit the market until the middle of the third quarter, following the unveiling of Conroe and other parts that make them up.

Intel will extend vPro features to notebooks in 2007. A forthcoming notebook platform, dubbed Santa Rosa, will incorporate AMT and virtualization features, for example, Bryant said.

Check out eWEEK.coms for the latest news in desktop and notebook computing.

Rocket Fuel