In today's world we want top notch security to protect our lives. Since our computer holds a cornucopia of our information that if lost or stolen would become detrimental to our lively hood. We need to do all we can to make sure our information is not going to be in the wrong hands. Companies have to ensure that private information is protected from malicious attacks from people who are trying to make a quick buck, or revenge, or whatever latest motivation tomorrows hacker may have (just ask around at defcon 16 to find some motivations). For me, security is a big issue so I want to dive into this one a little early compared to some of the other topics that I will get into.

 

 

 

 

 

Intel vPro addresses these concerns with the chipset (a tiny processor on the motherboard) and processor features along with the capabilities of Active Management Technology (AMT). I have been reading several whitepapers on the subject this last week, and have learned a lot about the security system that vPro provides.

 

 

 

 

 

 

 

 

As I understand it, vPro has three layers of security:

 

 

 

 

  • Filtering threats and isolating PC's

  • Nonvolatile memory and third party data storage for software agents

  • Virtualization and Trusted Execution Technologies

 

 

 

 

Filtering Threats (the tiny guard dog)

 

 

 

 

 

 

 

 

vPro can identify threats before they reach the Operating System (OS) by inspecting the network traffic to your computer. When something looks fishy, IT can isolate your computer quickly, and use the remote management features of vPro to fix your computer. After your computer is working again, they then restore your connection, and all is well with your system. IT can specify certain system agents stay active, and if these are disabled (either by you, or bad software), they can fix it without corrupting the system. The vPro hardware filters are programmable and watch the characteristics of the traffic that comes in and out of the OS (it doesn't know that you're writing an email to a long lost friend - but does know if your system is trying to infect the rest of the network). When a problem has been identified, IT has the ability to flip a "switch" and limit your network connection so that only they can access your computer (and you no longer pose a risk to the rest of the environment).

 

 

 

 

 

 

 

 

Nonvolatile Memory and Third Party Data Storage for Software Agents

 

 

 

 

 

 

 

 

Ok - that's a mouth full!!! What is a third party software agent? A third party agent would be a piece of software which runs on your computer to make sure things are working well (thin firewall, antivirus, or any of those hundreds of little icons on the taskbar). These software agents can store information in the nonvolatile memory (memory that stays around when the computer is powered off), and then remote applications can read or update this information even when the computer is frozen or turned off. Other information which can be stored in the third party data storage can be anything from system configuration (making sure someone hasn't compromised your system) to how many times you booted your computer without having the keyboard plugged in... By knowing this information, the security experts in the world are able to help ensure your cornucopia of information stays safe! For example, lets say your virus scanner stored information about how up-to-date your protection is, the IT department can check this information and figure out if your system needs updated (even when the computer is turned off).

 

 

 

 

 

 

 

 

Trusted Execution Technology and Virtualization

 

 

 

 

 

 

 

 

This, I feel, is the most interesting. It is a simple but complex thought. With vPro, servers can access any vPro enabled computer. With virtualization, the computer now is able to run multiple OS environments at the same time. If you were to run two operating systems on the same computer, you can layers the access to core parts of the computer and in turn increase security. With Trusted Execution Technology (TXT) programs can execute in an secure memory space and not allow other programs to modify it - done at a hardware level making it much more safe.

 

 

 

 

 

 

 

 

What other things would you expect for security? Post it!

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The BriForum Experiance:Through the eyes of the intern

 

 

 

 

 

 

“The Intern’s” Understanding vPro: Chapter 2-What is it used for/ why should I use it?