Intel Lays a Trap to Ensnare Hackers

Strengthens PC security by guarding against malware

Intel wants to lay a virtual trap for hackers.

The chip maker, which launched its vPro brand for business desktops April 24, aims to increase PC security by stepping up the vPro machines' ability to proactively guard against malware.

The company will employ virtualization technology—which can partition a PC to run different types of software simultaneously—to set up a new type of security checkpoint inside each machine. That checkpoint, which is expected to be the first of its kind when it arrives in vPro Professional PCs in the third quarter, can guard a machine by monitoring network traffic into it and intervening if it exhibits behavior patterns consistent with an infection.

"We had to come up with some better, more proactive, more intelligent [and] more automated ways to defend our systems," said Gregory Bryant, general manager for the Digital Office Platforms Group at Intel, in Santa Clara, Calif.

Setting up the security checkpoint involves using an Intel-written virtualization program to set up a separate security partition that stands between the network and the PC's operating system, applications and data to stop malware before it reaches the more sensitive areas, Bryant said.

The action, he said, can augment traditional anti-malware software by acting automatically if it detects an attack—it can shut off the PC's network access, for example—whereas updating anti-virus signatures is a reactive response to a threat.

The partition approach would help speed anti-malware signature distribution to PCs as well, given that anti-malware signatures would only have to be made compatible with the security agent itself, not other types of software, Bryant said.

Symantec, Intel's first vPro security partner, will offer a security agent that is both more proactive—it will include behavior analysis designed to root out zero-day attacks—and quicker to deploy signatures, said Enrique Salem, senior vice president for consumer products and solutions at Symantec, in Cupertino, Calif.

vPro Professional machines also will come with TPM (Trusted Platform Module) 1.2 chips, which help with such tasks as securing passwords and data.

Intel, which sustained reduced first-quarter earnings, views offerings such as the added security and virtualization capabilities as a way to extend the reach of the platforms that are based on the company's chips and to fend off rising competition. Rival Advanced Micro Devices is seeing its market share rise at the expense of Intel's.

Given that it wants to nudge customers from its single-core to dual-core desktop processors and the platforms that surround them, Intel needs to "show what a dual-core [processor can] do for PC desktops tomorrow that today's desktops won't be able to do," said Charles King, an analyst at Pund-IT Research, in Hayward, Calif. "The concept of creating a virtualized environment or a specific hardware-based partition to [hide] certain kinds of data and processes is a novel one."

Still, Intel doesn't expect all corporations to immediately seize upon vPro's security bits. vPro Professional PCs will also offer management tools designed to simplify PC administration, including streamlining such jobs as software updates, and will use less power than current offerings, Intel executives said.

Thus, companies that are most focused on cutting IT costs might be more interested in the management features offered by vPro, Bryant said.

For example, an updated version of Intel's Advanced Management Technology will automate software updates and other management tasks that currently often entail a desk-side visit by an IT manager, the company said.

However, corporations initially will not be able to order a PC with both a security partition and a management partition, and the most advanced features will come only on vPro Professional machines, Bryant said.

Computers sold under the vPro brand will come in two configurations. A vPro Professional desktop will come with Intel's "Conroe" chip, a forthcoming dual-core processor, as well as the supporting 965 chip set, which Intel said will offer beefier graphics and improvements in audio processing, storage and dual-monitor setups. A vPro Fundamental PC will come with Intel's Pentium D—its current dual-core chip—and a lesser 900 Series chip set, and it will lack most of the management technologies found in the vPro Professional PCs.

For its part, Conroe will offer a 40 percent performance boost and use 40 percent less power than the Pentium D, Intel said, giving vPro Professional PCs, which are expected to hit the market in the middle of the third quarter, greater energy efficiency.