Home > Intel Communities > Open Port IT Community > The Server Room > Blog > Tags > txt
Up to Blog Posts in The Server Room

The Server Room Blog

4 Posts tagged with the txt tag
JGreene
1

Do you ever wonder where Spam comes from?  I have no idea where the meat-like version of Spam comes from (nor do I wish to ponder that mystery). But it is pretty well established that a huge component of the e-mail and IM Spam that we all know and hate is generated by automated programs (bots) installed on thousands or even millions of unsuspecting systems.  These bots are remotely controlled via command-and-control or even peer-to-peer networks (botnets) to do the bidding of the bot developer—such as propagate Spam or other malicious software or generate denial of service attacks against designated targets.  And all of this could happen without most people even knowing their system is doing anything. 

Botnets are the end result of many malware exploits—as viruses, worms, Trojans, drive-by or click-through attacks may deliver and propagate the bot payload. They are also a crystal clear example of how the objective of attacks have changed from hit-and-run high-profile grabs for fame to instead focus on stealth and establishing and retaining control of assets. Botnets are an ideal tool for the nefarious—they can command huge numbers of widely distributed systems at trivial costs.  While it is hard to estimate how many systems are part of a botnet, the potential is staggering.  For example, the much-publicized Conficker worm is estimated* to have placed more than 4 million unique IP addresses under the control of “bot-masters”. And this huge resource base allows the bot-masters to rent control of these resources to spammers or other agents looking for ways to generate attacks or other nuisances with low risk of being detected.  In essence, they are allowing criminals and spammers to outsource the generation of their malicious activities. It is a frightening business model indeed.

It is also a difficult challenge for IT. Thanks to botnets, it is possible for an IT manager or CIO to get a call from out of the blue asking why their systems are attacking some other company or government entity’s systems.  Or discover a botnets of 100’s of computers with their company.  These type of events can happen to the best IT departments (even Intel or the US Government). Clearly, IT needs tools to help prevent such scenarios, and the antivirus and intrusion detection/prevention industry is working hard to keep up with the rapid growth in the delivery vehicles for bot code.  The other weapon for IT managers is traffic analysis – looking for strange patterns of activity (such as bursts of e-mail traffic from selected systems or floods of network traffic generated against specific targets) that falls outside of business norms to determine if there is another business being conducted with their assets.  While being part of a networked world has wonderful, powerful benefits, it is not without enhanced risk. A botnet is not a network you ever want a member of.

Intel technologies like Trusted Execution Technology (TXT) and instruction set optimizations such as STTNI can be part of these solutions.  Intel® TXT can be used in solutions that help protect systems from software attacks which provide the malware payloads to compromise systems.  In fact, Intel TXT (to be available with Westmere server systems) provides an entirely new protection capability for most systems—providing evaluation of the launch environment and enforcing “known good” code execution. This is important because most malware tools execute only once the system is booted—so Intel TXT provides a valuable complementary protection. And to help with the growing burden of run-time malware and attack analysis, new (with Nehalem) instructions that accelerate string manipulation can boost content inspection software ability to detect anomalies.  And research and development will ensure Intel continues to develop and deploy building blocks to help IT address today’s challenges and tomorrow’s.

We can do that most effectively only if we’re trying to solve the right problems.  Are your systems under attack? (yes, they are). What types of solutions are most effective for you?  Where is the greatest exposure? Is the pain in stopping attacks or cleaning up after them? This is certainly worth thinking about—before some Government agency comes calling asking why your systems are sending them so much spam!

*http://www.confickerworkinggroup.org/wiki/pmwiki.php/ANY/InfectionTracking

1 Comments Permalink Tags: bot, txt, malware, intel_txt, westmere, security_technology, security, control, compliance, attacks, trusted_execution_technology, sttni, nehalem
Iddo Kadim
0

I have a confession to make… Last year was my first IDF. Ever! I had no idea then, that this year I would end up being responsible for a whole track, and sponsoring the Virtualization Community zone. I was lucky that Jake took ownership of the community zone. He assembled a great line-up of demos, from a variety of companies. It should be great, go see!

But this blog is about the Enterprise Cloud track. I set out to make it to represent a theme, rather than a collection of loosely related sessions. In my view, this required a mix of depths – an overview session to explain the concepts alongside deep technical sessions. I also thought it would be a great opportunity to gather some industry leaders beyond Intel to talk about Enterprise Cloud vision and the opportunities it presented for the developers community.

“What is this guy talking about” you must be asking yourself. “What is Enterprise Cloud? Not more hype?!” Well, I think of Enterprise Cloud as a very real vision of the place where actual IT needs meet the aspirations of the Cloud Computing hype.

The Cloud hype is based on some pretty impressive efficiencies that several companies are being told to have achieved. These companies did so by designing custom application to run in their data centers. In some of these cases the data centers and the hardware in them were even custom architected and designed to run these applications. IT wants to gain similar efficiencies. But IT can’t throw away all the legacy applications…

In comes Enterprise Cloud, where IT evolves to gain the efficiencies, without losing the legacy investments…

In the Enterprise Cloud track we’ll cover some of the key technologies that are required for this to happen.

We’ll start with an overview (session ECTS001) on Tuesday at 10:15, where Dylan and I will do an overview of key technology areas: virtualization and performance, Data Center efficiency, evolution of I/O, and security, and why they are critical for the evolution of IT. What will follow are several in-depth sessions that will cover those very topics:

·         ECTS002 – will focus on Intel® Trusted Execution Technology and explain how application can protected in the Enterprise Cloud environment. Check this out in Jim's blog

·         ECTS003 – will cover enhancement for encryption processing in upcoming CPUs. Leslie gives a really great overview in her blog

·         ECTS004 – will talk about technologies to improve Data Center efficiency. David covers one of those technologies here and check out his other blogs as well.

·         ECTS005 – is an in-depth review of Intel’s technologies for virtualization, and will be presented by Intel Fellow Rich Uhlig.

·         ECTS006 – will discuss evolution of I/O, which is necessary to enable IT to gain the desired efficiencies. RK gives an excellent preview in his blog here

·         We also have a Q&A session on Tuesday evening (ECTQ001) to allow an open unscripted conversation with all the track presenters who will be around on Tuesday.

·         Finally, we have a VERY exciting panel (ECTP001, on Tuesday at 5pm). Jake Smith from Intel will lead a discussion with some true industry thought leaders from Cisco, Citrix, Microsoft, Sun, and VMware. The Theme of the panel is “Enterprise Cloud – technologies, usages, and opportunities for the developers community”. This should be an exhilarating hour!

Along with a couple of labs this should a great track. See you at IDF… it all starts tomorrow!!!

0 Comments Permalink Tags: virtualization, server, datacenter, idf_2009, i/o_virtualization, datacenter_efficiency, txt, idf_30in30, enterprise_cloud, aes
JGreene
0

IDF: Something for Everyone

Posted by JGreene Sep 16, 2009

It has been a couple of years since I’ve had the opportunity and pleasure of attending an IDF, but I remember the experience well.  While I had been in the technology industry for many years and was familiar with major tradeshows like Comdex, Interop, CeBit, etc, I recall being amazed that a single company could be the catalyst for such a huge event.  But as I experienced it, it made more sense: after all, Intel sells a very broad line of products to a huge array of customers.  And our products are among the most technologically advanced and complex in the world—yet they are only critical components to solutions that require a wide range of complementary parts—system boards, test tools, compilers, software, BIOS and integrators—to name just a few.  And IDF is the critical venue to galvanize this huge and surprisingly efficient cadre of fellow travelers that will help build upon and deliver our technologies to the world.  It is where we educate, communicate and differentiate, and it is a great showcase for Intel.

This year, I’m excited to be able to participate.  As I wrote a few weeks ago, I’m looking forward to being able to use this showcase to help establish Intel’s focus on server security. We’ve got a couple of key new features—Intel® Trusted Execution Technology (TXT) and Advanced Encryption Standard new instructions (AES-NI) for encryption processing—that promise to make secure processing for servers more complete and efficient.  You can get a glimpse of what Leslie Xu and Michael Kounavis will cover for AESNI. I’ll be working with Mahesh Natu and some friends in the fellow traveler community to help introduce TXT for servers. Like many others, we’ll be using this opportunity to: conduct training for developers (session ECTS002); show the technology in action in a really cool Server Zone demo (Booth #517), and generally help build awareness for TXT and security in general.  I’m really looking forward to the demo.  It is one thing to offer a cool feature, but it is a whole new level of anticipation when one can so clearly visualize how this technology can be deployed to make users’ environments better.

I know that we’re eager to share our enthusiasm and engage the developers and customers that will make our technologies a success.  I’m also keen to get to see other great things coming out of Intel and our fellow travelers. What are you eager to see and hear about at IDF?

0 Comments Permalink Tags: and, server, technology, txt, execution, idf_30in30, idf_2009, trusted, security
Chris P_Intel
1

New Server Security Technologies Are Coming & Why We Need Them

The other day I had the opportunity to talk with Jeff Casazza and James Green from Intel’s Server Platform Group.  The topic? server security.  Our conversation was focused on the introduction of some new security technologies that are on their way and why we need them.  During our discussion, I found myself thinking back to my days in the US Navy, where security was a core topic of everything we did. The introduction of submarines transformed naval tactics and the stealth fighter changed aviation tactics.

So, why does IT put so much emphasis on information security?  … because the cost of a data breech is extremely high.  Imagine if a data breech of your IT systems resulted in losing employee social security numbers or customer information – the cost to recover that data (if possible) and the legal costs (penalties from regulatory agencies) is very, very high.   Jeff and James mentioned that business models are also exposed if these types of information escapes happen – a company’s brand, business and employee relationships could be at risk given the nature of trust and integrity that circle throughout our business.

Security always ranks high in importance, especially when we feel at risk.  As I have transitioned into my new role inside Intel IT, I have found a significant focus on security solutions especially as new threats (for profit attacks), new usages (client / server virtualization, cloud computing) and new collaboration tools (social media) challenge our existing paradigms of information security. 

During my discussion, I learned about two technology standards that Intel is implementing for servers that reduce security risks and address the changing nature of information security attacks happening today and expected tomorrow. 

Stealth Fighters Attacking Your Data: The nature of security attacks have changed.  Previous generation hackers used to target broad wide spread attacks on corporations or the worldwide web trying to disrupt business, gain notoriety with the ability to affect tens of thousands of people.  The newer generation attackers are seeking a smaller target .. a single laptop or a single server.  These new for-profit attacks are aimed at both industrial (business) or government entities and only need a single penetration into your infrastructure to get enough information to create a serious issue for your business.  

Encryption: A solution to defend against the stealth fighter point attack on your data is increased encryption of data.  Data encryption is not new.  Secure Sockets Layer (SSL) encryption for communication over the internet, harddisk encryption and enterprise application encryption are all standard methods IT shops use to protect information.  Unfortunately, encryption is not free, and I’m not talking about purchase cost .. but rather compute cost.  Encryption is a compute intensive process that consumes processing cycles. Intel is planning on introducing new instructions for Advance Encryption Standards (AES-NI) that are intended to dramatically improve the efficiency of encryption in a future version of it’s processor micro architectures. 

Submarines Seeking Your Data From Under Your Hypervisor: Much of the anti-virus and security protection that resides on servers and client machines resides and is run through either the Operating System, Hypervisor or Application layer.   New malware software and root kits are targeting systems at startup before the hypervisor and/or OS boot up undermining the protection you have at the higher levels of the application stack. 

A new server technology from Intel, called Intel® Trusted Execution Technology (Intel TXT) works to ensure your system can boot up to the secure, protected environment you have deployed through your software stack.  In doing this, TXT ensures that your anti-virus software “perimeter” is secure and has not been compromised by a root kit “submarine”.  TXT has been available in Client Intel® vPro™ processor technology-based platforms since 2007.

Tune into the upcoming Intel Developers Forum (www.intel.com/idf) to learn more about plans for securing your server’s data and many other technology innovations from Intel.

Chris

1 Comments Permalink Tags: security, data, secure, submarines, stealth, virtualization, aes, encryption, server, intel, regulatory, servers, it, vpro, txt, it@intel

Popular Blog Posts

Filter Blog

By author: By date: By tag: