Home > Intel Communities > Open Port IT Community > The Server Room > Blog > Tags > vpro
Up to Blog Posts in The Server Room

The Server Room Blog

2 Posts tagged with the vpro tag
Chris P_Intel
1

New Server Security Technologies Are Coming & Why We Need Them

The other day I had the opportunity to talk with Jeff Casazza and James Green from Intel’s Server Platform Group.  The topic? server security.  Our conversation was focused on the introduction of some new security technologies that are on their way and why we need them.  During our discussion, I found myself thinking back to my days in the US Navy, where security was a core topic of everything we did. The introduction of submarines transformed naval tactics and the stealth fighter changed aviation tactics.

So, why does IT put so much emphasis on information security?  … because the cost of a data breech is extremely high.  Imagine if a data breech of your IT systems resulted in losing employee social security numbers or customer information – the cost to recover that data (if possible) and the legal costs (penalties from regulatory agencies) is very, very high.   Jeff and James mentioned that business models are also exposed if these types of information escapes happen – a company’s brand, business and employee relationships could be at risk given the nature of trust and integrity that circle throughout our business.

Security always ranks high in importance, especially when we feel at risk.  As I have transitioned into my new role inside Intel IT, I have found a significant focus on security solutions especially as new threats (for profit attacks), new usages (client / server virtualization, cloud computing) and new collaboration tools (social media) challenge our existing paradigms of information security. 

During my discussion, I learned about two technology standards that Intel is implementing for servers that reduce security risks and address the changing nature of information security attacks happening today and expected tomorrow. 

Stealth Fighters Attacking Your Data: The nature of security attacks have changed.  Previous generation hackers used to target broad wide spread attacks on corporations or the worldwide web trying to disrupt business, gain notoriety with the ability to affect tens of thousands of people.  The newer generation attackers are seeking a smaller target .. a single laptop or a single server.  These new for-profit attacks are aimed at both industrial (business) or government entities and only need a single penetration into your infrastructure to get enough information to create a serious issue for your business.  

Encryption: A solution to defend against the stealth fighter point attack on your data is increased encryption of data.  Data encryption is not new.  Secure Sockets Layer (SSL) encryption for communication over the internet, harddisk encryption and enterprise application encryption are all standard methods IT shops use to protect information.  Unfortunately, encryption is not free, and I’m not talking about purchase cost .. but rather compute cost.  Encryption is a compute intensive process that consumes processing cycles. Intel is planning on introducing new instructions for Advance Encryption Standards (AES-NI) that are intended to dramatically improve the efficiency of encryption in a future version of it’s processor micro architectures. 

Submarines Seeking Your Data From Under Your Hypervisor: Much of the anti-virus and security protection that resides on servers and client machines resides and is run through either the Operating System, Hypervisor or Application layer.   New malware software and root kits are targeting systems at startup before the hypervisor and/or OS boot up undermining the protection you have at the higher levels of the application stack. 

A new server technology from Intel, called Intel® Trusted Execution Technology (Intel TXT) works to ensure your system can boot up to the secure, protected environment you have deployed through your software stack.  In doing this, TXT ensures that your anti-virus software “perimeter” is secure and has not been compromised by a root kit “submarine”.  TXT has been available in Client Intel® vPro™ processor technology-based platforms since 2007.

Tune into the upcoming Intel Developers Forum (www.intel.com/idf) to learn more about plans for securing your server’s data and many other technology innovations from Intel.

Chris

1 Comments Permalink Tags: security, data, secure, submarines, stealth, virtualization, aes, encryption, server, intel, regulatory, servers, it, vpro, txt, it@intel
Mark Wright
0

Two weeks ago, I flew to Mexico City to present on virtualization technologies to both government agencies and private industry.  In both cases their issues were the same.  They are trying to do more with less.  In these times of global economic uncertainty, businesses are being challenged to reduce spending, while still improving infrastructure to keep up with business demand.  This is true, especially in the US, where in one case the construction of a 300 million dollar data center was put on hold and instead IT was task to reduce their server footprint in an at-capacity data center. The new focuses . . . find ways to reduce overall power and cooling costs.  Almost every company is looking at virtualization as one key component of the equation to finding solutions to these data center problems.

The combination of a managed virtualization solution coupled with an efficient Intel processor based server is one highly effective means to solve the “do more with less” mandate.  Let’s start by talking about the new Xeon 5500 processor that was just unveiled last Monday.  You have a need to reduce power and consolidate servers?  A Xeon 5500 based server can effectively replace eight to nine older single-core servers. 9x performance improvements have been seen using things like Turbo Boost.  The processor idle power drops to only 10 watts, enabling a 50% reduction in system idle power compared to our previous generation chip.  Everything I’m seeing on this is that you can recoup your capital investment in around 8 to 9 months from reduced maintenance, power use, software licensing, and cooling costs. Your energy savings alone can be as high as a 90% reduction!  That’s big! 

Check out more details on the launch of the new Xeon 5500 processor with Intel’s press release.

http://www.intel.com/pressroom/archive/releases/20090330corp_sm.htm?iid=pr1_releasepri_20090330smr#story

Second, let’s talk about Intel’s power management embedded in the chipset.  This component is the key to rapidly recouping power costs and maximizing your server consolidation efforts.  For a good introduction to Intel’s power management system for server power capping in the data center, take a look at Jackson He’s blog “Datacenter Dynamic Power Management – Intelligent Power Management on Intel Xeon® 5500”.

http://communities.intel.com/community/openportit/server/blog/2009/03/31/datacenter-dynamic-power-management-intelligent-power-management-on-intel-xeon-5500

Lastly, virtualization management software drives ROI but the challenge in the management of large virtual infrastructures is that there are no clear boundaries in terms of network, storage and datacenter management teams.  This needs to be defined as well as an emphasis on a holistic management approach or a “Service Management” approach.  We have to get beyond just monitoring the uptime or resource usage levels of virtual machines (VM) and physical hosts. Along with Intel’s announcement of our latest Xeon 5500, there have also been a number of new product announcements in the past two months.  From VMworld Europe 2009, we heard about vSphere 4.0 and Citrix Essentials for Hyper-V and at ManageFusion Symantec touting improved virtualization functionality and management with CMS/SMS 7.0 integrating Intel’s vPro functionality.

Are the current products providing a holistic management approach with virtualization?

Is it the right strategy to integrate power management with virtualization management?

I’ve got my opinion on this, what’s yours?

Mark

0 Comments Permalink Tags: vmware, management, nehalem, altiris, xeon_5500, virtualization_2.0, vpro, datacenter_efficiency

Popular Blog Posts

Filter Blog

By author: By date: By tag: