Skip navigation

In the world of computing, new mobile devices are all the rage.  And Ultrabooks are among the latest additions to this growing array of devices.  The combination of Citrix XenClient with of 3rd generation Intel® Core™ vPro™ processor-based UltrabooksTM can enable a more flexible and nimble client computing environment.

 

Let’s start with Ultrabooks.  Among the sleekest PCs in the market, Ultrabooks promise to revolutionize mobile computing.  Why is that?  In additional to being ultra responsive and ultra sleek, OEMs are delivering new and innovative Ultrabook designs referred to as convertibles and detachable.  These devices combine the capabilities of a tablet with those of a PC.  They can be instantly transformed from a PC with a full keyboard and mouse, into a touch-enabled tablet.  No longer do employees have to think about which device to take with them, where their content is stored, or wonder if a presentation created on their PC will look the same on their tablet. This new class of Ultabooks is all about the user and represent the ultimate in flexible, no compromise computing. To learn more now, visit:  Ultrabook™ for Business.

 

But managing and securing this growing array of mobile devices can be a daunting challenge.  That’s where Citrix XenClient comes in.  XenClient extends the benefits of desktop virtualization to Ultrabooks, enhancing the management, reliability and security of these devices.  XenClient is also optimized to work with Intel vPro Technology.  As a result, it’s able to take advantage of client-based capabilities like hardware enhanced encryption acceleration, virtualization, and trusted execution, all of which can help strengthen security. XenClient also takes advantage of client based execution and graphics to optimize end user experience.  Finally XenClient compliments the mobility of Ultrabooks with support for offline mode.  Offline mode enables employees to work from anywhere and at any time, whether online or offline with full access to their desktop applications.

 

Transform the way you and your users think about PCs with the combined power of 3rd generation Intel Core vPro processor-based Ultrabooks and Citrix  XenClient.

 

Links to related content:

To learn more information about 3rd generation Intel® Core™ vPro processor systems, visit Ultrabook™ for Business

To learn more about Citrix XenClient, visit http://www.citrix.com/xenclient

Try XenClient today at http://www.citrix.com/xenclient/tryit

Annoucement from Citrix regarding XenClient & Ultrabooks: Citrix Systems - Citrix Extends XenClient to Windows 8 and Ultrabooks

From Blair Muller's "Integrating SCCM 2012 with SCS 8.1" (to read the full blog, please click the link below):

 

"I was recently on a project that required me to integrate SCS 8.1 with SCCM 2012.


In case you are unaware, Intel has provided the integration scripts for SCCM 2007. They can be downloaded from here. I have modified their solution for SCCM 2012.


It's a good idea to have a good thorough understanding of the solution that Intel provide for SCCM 2007. My solution is based around it. I will refer to sections of that manual.

 

The steps I provide are based on my experience. I am only focused on discovering and configuring systems. I haven't focused on the maintenance and unconfiguration tasks. If you need to add these tasks to your project and need assistance, drop me a line.

 

This blog is broken up into 9 sections:

1. Adding the Out of Band Role Management Role to your SCCM server
2. Extending the Hardware Inventory for SCCM 2012
3. Modifying the SCS profile for SCCM 2012
4. Creating the collections required for the discovery and configuration of your     

    clients
5. Creating the Discovery and Configurations packages
6. Creating the Task Sequences required for the discovery and configuration of

    your clients
7. Creating the Deployments (SCCM 2007 - Advertisements)
8. Creating the Status Filter rules to automatically update the Intel collections

9. Queries to help you troubleshoot


I'll explain how it works in a nutshell. The discovery deployment is advertised to all your systems. The discovery runs and interrogates your system. A Hardware Inventory reports back to your SCCM server on this information. If the system can be configured it is automatically placed into a collection where the configuration runs.


The Configuration deployment configures your system and reports back to your SCCM server using a hardware Inventory. It also forces the SCCM server to check the AMT status meaning it will show up as externally provisioned and you will be able to use the SCCM OOB Native tools.

 

When each deployment finishes a status filter rule runs and updates the collections.

 

To make this happen follow the below steps."

 

To see the steps and more, visit his blog below:

Blair Muller's Blog: Integrating SCCM 2012 with SCS 8.1

Download Now 

 

Fujitsu Spain.jpgTo uphold its position as leader in delivering advanced PC environments, Fujitsu in Spain needed to respond quickly and effectively to customer requirements while providing reliable and comprehensive security and software updates. The solution it found was using Intel® vPro™ technology to manage up to 50,000 devices scattered across Spain and beyond.


“Whatever the make and model of laptops and desktops our customers choose, we always recommend that they purchase devices powered by Intel® Core™ vPro™ processors,” explained F. Javier Lainez, Microsoft Services director for Fujitsu. “Activation of the remote management capabilities of this platform is an important part of the deployment process.”


To learn all about it, download our new Fujitsu business success story. Find more like this one on Intel.com and iTunes.  And to keep up to date on the latest business success stories, be sure to follow ReferenceRoom on Twitter

Manage vulnerability with Intel® vPro™ technology built-in security features and McAfee software for multilayered protection against stealth attacks. Take a look at the video below to learn more about the combination protection offered by Intel hardware and McAfee software.

 

Taking Control of Security: Key Log and Pin Pad Screen Scraping

The advantages of using encryption to protect data are well known. Typically all full disk encryption solutions require users to authenticate in a pre-boot environment (PBA – Pre-Boot Authentication). After the successful authentication, the encryption keys are unlocked and disk is unencrypted. The machine then goes on to boot the OS and require users to authenticate in Windows* by providing login/password credentials.

 

In our fast paced lives, we all hate the inconvenience of first entering the encryption credentials in PBA then Windows credentials at Windows login screen. Few may realize that while it’s inconvenient to enter credentials in PBA, it’s an important step in ensuring security of the data on a laptop. When a laptop is starting up (from shutdown state) or resuming from hibernation state (hibernation state – memory contents are dumped to a hibernation file on the disk), user is asked to authenticate in PBA. If the laptop is resuming from the sleep state (also known as S3 state), the user doesn’t have to go through the authentication step in PBA. In S3 state, the memory of the laptop is still active. OS, Applications, data including the encryption keys are loaded in the memory. That’s where the vulnerability creeps in.

 

In a typical usage scenario, a user just close the lid of the laptop after work, let the laptop go to sleep state, open the lid and resume quickly when need to work again. It sounds convenient but is data secure while the laptop is in sleep state? As I mentioned above, the memory is still active in the sleep state and encryption keys are in the memory. If a laptop is stolen while in sleep state, the data on the laptop is susceptible to breach.

 

Intel® Anti-Theft Technology (Intel® AT) addresses this vulnerability and allows IT administrator to strike a balance between convenience and security. Intel AT includes a hardware based S3 timer which kicks-in as a laptop enters the S3 state and transition the laptop to hibernation state after the expiry. The timer value is defined by an IT administrator. It allows users to keep their laptop in sleep state for quick resume say, when moving between meetings, but it secures the data when the laptop has been in sleep state for longer duration. Since the timer is implemented in hardware and value defined by IT administrator, users won’t be able to sacrifice security over convenience.

 

SecureDisable* is an Intel AT solution offered by Softex Inc. The SecureDisable solution offers the asset and data protection features of Intel AT and it also provides other capabilities such as seamless plug-ins to existing enterprise IT consoles (Microsoft SCCM* and BMC Remedy*) for easier deployment and management, flexible service delivery model allowing enterprises to host the solution themselves, service providers (ITOs/MSPs) to host it either as standalone service or part of security service portfolio, or the service to be hosted in cloud.

 

SecureDisable release 2.5 is now available and contains the following new features -

  • Support for 3rd Generation Intel® Core™ and Intel Core™ vPro™ Processors
  • Close the data encryption vulnerability in S3 state. If Windows* login is not completed before S3 timer expires, the laptop will gracefully enter S4 (hibernate) state. When resuming from S4, the users will be asked to provide encryption passphrase credential in PBA.
  • Enhanced multi-tenancy support for ITO hosted anti-theft service. A new user class for help-desk has been created that can be attached and thus gain administrative rights to multiple hosted organizations.
  • License management features - ability to allocate licenses on a per-organization level, and license tracking.
  • Various UI and usability changes in the administrative web pages.

 

Visit – Laptop Security with Intel® Anti-Theft Technology for more information on Intel AT or visit http://www.softexinc.com/ for more information on SecureDisable

peer research.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This report on endpoint security captures benchmarking data from a survey of 400 IT professionals, including 200 from the U.K. and 200 from the U.S., which provides insights on stealthy threats awareness and current threat prevention techniques. Click the link below to take a look at the peer research report and shed some light on security threats in today's environment.

 

Click Here: Insights on Endpoint Security and Stealthy Threats

 

 

This blueprint showcases how McAfee and Intel have teamed up to stop the most insidious malware tools cyber criminals are using today - rootkits.  Rootkits are designed to hide from the user, the OS or applications and cyber criminals are using them to propagate malware that evades traditional security measures.


McAfee Deep Defender uses Intel Virtualization Technology (VT-x) to get a new perspective on security by operating outside of the OS.  This solution, combined with McAfee DeepSAFE technology monitors kernel memory for malicious kernel rootkits and can prevent them from installing, stopping their cloaking capabilities and the malware they attempt to hide and propagate.

 

http://www.intel.com/content/www/us/en/enterprise-security/mcafee-deep-defender-fighting-rootkits-blueprint.html

     Networks constitute the new morphology of our society and the diffusion of this logic transforms operations and results in productive processes, experience, power and culture. Therefore, network organization has existed for a long time; the new information technology paradigm provided the material base for expansion that penetrated into whole social structure. Now we’ve come upon the mobility craze, the fastest changing field in technology, and the introduction of these new form factors into our society are reshaping the way that we interact with each other through social networks. They’re influencing the way that we work and produce information.

 

alliance.jpg

 

 

     What we are seeing nowadays is the wave of Bring Your Own Device (aka. BYOD), where corporations are allowing employees buy devices and bring to enterprise, letting them use it to access their e-mails, calendars, contacts and even line-of-business applications. This new chapter in IT brings new opportunity for increased productivity, while putting valuable information in employee’s hands. BYOD takes advantage of the fast paced evolution of consumer devices such as smartphones, tablets, and the applications that run these devices and empower users with highly collaborative capability. However, these benefits come also with challengers for IT departments:

 

     Security: Probably the biggest challenge for most organizations. Dealing with multiples devices, operating systems, and users accessing multiples devices at same time requires in-depth strategy, securing and integrating multiples layers into overall enterprise-class policy. The first touch point is the user, so starting with a small tech-savvy group can be a good start point, as demonstrated by BP case published 6 years ago by ZDNet.

 

     Now IT organizations also can count on Intel® Anti-theft Technology (aka. Intel® AT) technology embedded into Intel tablets, laptops and Ultrabooks to lockdown lost or stolen device in order to “brick” and destroy information stored in these devices and make the device itself a useless piece. Also, to protect user’s identity these devices have Intel® Identity Protection Technology (aka IPT), that provides the foundation for a comprehensive, tamper proof and tied with hardware asset that match user and device to provide a consistent authentication mechanism and credential protection.

 

     All these technologies have the potential to set an alliance between personal and professional roles into same device. As I already wrote about use of IPT for consumer using an online banking, this same technology can be applied for enterprise application in order to strengthen overall user identity. Pragmatism is the safest strategy for enterprise, IT organizations can’t ignore that their users are using their devices for personal matters, accessing personal e-mail and multiples cloud services, probably using the same password used by corporate systems. So, if IT ignores this simple human expected behavior and continues to think that IT security is based on firewall perimeter, and an employee losing his or her personal device won’t offer any threat to corporate will undoubtingly find themselves with a security breach.

 

     Define a strategy to support an effective BYOD policy. This is actually not only an opportunity to boost employee productive but also, if well conducted, a way to protect against the security breaches that existed in today’s world.. However, it is not an easy task and there isn’t one solution fits all. That is the reason that some well-established consulting companies are focusing their efforts in this area, as announced by IBM Global Service and explained in this white-paper.

 

Best Regards!


Filter Blog

By date: By tag: