Intel Emphasizes Security with New Platform

The new platform, formally called "Weybridge," offers a management and energy savings features as well as security support for 802.1x networks and Cisco's NAC.

Intel is preparing to release a new version of its vPro platform Aug. 27, which will include an emphasis on security that the chip maker hopes will expand the reach of its desktop management technology.

The new version of vPro platform, which Intel had called "Weybridge," will sport three different Core 2 Duo processors, along with the companys Q35 Express chip set and its 82566DM gigabit network interface connector.

While the first version of vPro, which came to market in April 2006, focused mainly on technology that would make it easier for IT administrators to remotely manage desktops and have better control of a large fleet of corporate PCs, the 2007 update to the platform will add new security features as well as virtualization capabilities.

"We are trying to be a little more innovative and proactive by driving security capabilities right into the platform itself," said Gregory Bryant, vice president for Intels Digital Platform Division.

After the initial introduction, Intel, based in Santa Clara, Calif., and several PC vendors began introducing the first desktop models with vPro technology in Sept. 2006 and then announced that its new Centrino Pro mobile platform would include vPro in May 2007. Since that time, Intel executives have said that the company has shipped more than four million units with more than 350 enterprises deploying vPro-based clients.


Intel and AMD are setting their sites on the high-end of the market. Click here to read more.

Roger Kay, an analyst with Endpoint Technologies, said a company would need to have vPro technology installed in about 25 percent of its PC fleet before it was reasonable to deploy all the management and security features included in the platform.

Kay estimates that most companies are now hitting the 20 percent mark and with the addition of vPro technology in the Centrino platform, he suspects that more companies will now begin deploying the full range of vPro features.

"Right now, it [vPro] is still pretty sparse and its been a slow adoption, but Intel has been pleased with the uptake and some of the IT guys who see the potential really want to get their hands on the vPro stuff," Kay said.

"After Intel added Centrino, a company can have the entire client based management under this heading and that makes for a better justification for investing in it. That is also a recent development and I think its still in its early stages."

One of the most significant updates to the vPro platform is the next generation of Intels AMT (Active Management Technology), which provides a hardware and software management engine that allows a number of on-board capabilities, such as monitoring the PCs hardware and software configuration to give a more holistic view of the system. The latest version of AMT will also feature embedded filtering technology built into the firmware of the silicon itself.

This filter technology will help protect a PC from common malware problems and offer a level of protection to the desktop both before and after third-party security software is installed. The technology also alerts the IT administration of the problems and can isolate a single machine from the network. The filters work by logging all outbound packets. The filter then analyzes these logs for specific, malicious patterns, such as excessive attempts to connect through a single port.


Click here to read more about Intels development of silicon photonics.

Intel is also offering what it calls an embedded trust agent in the platform, which will not only support the IEEE 802.1x standards, but is also certified by Cisco for its Network Admission Control. The agent is not dependent on operating system availability and will continue to work and manage the PC whether the desktop is shutdown or the OS has been disabled, without lowering the network security.

This vPro development will allow for greater out-of-band management abilities, such as remote power control and diagnostic testing, even if the operating system has failed while maintaining network authentication.

The fact that Cisco is now on board with vPro shows what Intel is trying to do with the brand. Specifically, the company is trying to get third-party vendors and ISVs to build on top of its platform instead of Intel trying to develop proprietary standards on its own, Kay said. In addition to Cisco, Symantec is developing security features for vPro, while Altiris was tapped to offer a management agent.

Page 2: Intel Emphasizes Security with New Platform