OK, another disclaimer:
Intel is an investor in SignaCert. Further, we are under NDA working on platform initiatives. Can’t say more…that is why we have the NDA. With that said, I am going to observe without bias or apparent subjectivity.
Enter the Positive Security Enabled Platform….
In April 2006 and without great fanfare Intel formally renamed the Professional Business Platform to vPro. The goal was to further its line of “platform” branding ala the very successful Centrino mobile technology.
This began the unfurling of a major new set of platform capabilities that are being aggressively messaged to Intel’s OEM partners. Perhaps even more importantly the value, benefits and features of vPro are now beginning to crystallize end-customers.
Next week at the Intel Developer Forum (IDF) in San Francisco, Intel will shed more light on these important developments. As mentioned in the last blog post, over the last several weeks, Intel began the process of messaging the latest set of vPro platform improvements (dubbed Weybridge). As these new capabilities come to market they fall into the following categories:
–Trusted Execution Technology (TxT) brings the long awaited LaGrande technologies into vPro
–Enhanced Virtualization Technologies (VT) capabilities
These capabilities enable the creation and management of “trusted memory spaces” utilizing a much more robust set of capabilities to create a “Measured Launch Environment” or MLE for the system software stack. The MLE capabilities support both a monolithic and virtual machine (VM) environment. VT allows for specific optimization of these methods for VM providers.
–Enhancements to the Intel Active Management Technologies (iAMT) providing enhanced Out-of-Band capabilities and support.
–Support of the Distributed Management Task Force’s (DMTF) DASH 1.0 draft interoperability specification and Web Services Management (WS-MAN).
These capabilities, along with the first time inclusion of a Cisco-certified embedded trust agent, promise to make the remote management and powered down capabilities of the Intel Active Management Technology (iAMT) truly useful for enterprise customers.
Several IDF Sessions will focus on understanding how these enhancements are being leveraged by other standards, methods and architectures. Be sure to attend the Security and Safer Computer Initiatives Sessions.
Details are listed below.
Featured Technical Sessions:
–SCIC001 Security Technologies Chalk Talk
–SCIS001 Security Kickoff: Providing World-Class Security and Data Protection for the PC Platform
–SCIS002 Safer Computing Initiative and Trusted Computing
–SCIS003 Making Security Practical in the Enterprise with Client Technologies
–SCIS004 Verified Launch with Launch Control
–SCIS005 Delivering Security Requires More Than Features
–SCIS006 Research on Platform Security Technologies
Overall this the vPro marks one of the most significant efforts to date by any platform vendor to move to a more “proactive security and systems management”. Other points to note are:
–The many discussions about utilizing “white lists” to supplement our almost complete reliance on third-party black list vendors and methods for securing the enterprise.
–The further evidence of methods and technologies being moved into commodity silicon.
–The Trusted Computing Group (TCG) aspects of Intel’s platforms will become very evident. Verified/Measured boot and “transitive trust” methods (and their value) will be revealed.
–The Trusted Platform Module (TPM) bits are finally getting a real workout. The TPM will begin to take on the definitive roll of the “anchor of trust” for the platform.
Many years and several 100’s of millions of dollars have gone into these efforts. Regardless of the chip wars, and the emerging virtualization wars – these developments promise to have a profound impact on computing as we know it today.
Check them out. They are a bit techie by nature so be sure to bring your pocket protector.