Newer vPro Sports More Security Features

Remote management, baked-in NAP and more on the way.

By Andy Patrizio | Posted Aug 21, 2008
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

SAN FRANCISCO -- Intel is preparing the second generation of its vPro remote management technology and is promising more goodies in the third generation, which will take advantage of new features and functionality in the new Nehalem family.

vPro is not found in any single component of a computer. It is a combination of processor technologies, hardware enhancements, management and security features for remote PC administration. It allows administrators to access a system regardless of the operating system or whether the computer is on or off.

There are a number of requirements to be classified as a vPro PC, although most of those features are standard these days. They include multi-core processors, Intel Active Management Technology (AMT), remote configuration technology for AMT, wired and wireless network connection, Intel Trusted Execution Technology (TXT) and Intel Virtualization Technology.

vPro is one of those Intel (NASDAQ: INTC) products you don't hear about much, but according to Andy Tryba, director of marketing for the Digital Office Products division, more than 60 percent of the Fortune 100 have deployed and use it.

The new version, due next month, will be for Penryn-based systems. It will be one more generation before vPro is found on Nehalem systems, and Intel has been fairly steady about releasing vPro updates around the September timeframe, said Tryba.

Among the upcoming features in vPro will be the ability to remotely manage an encrypted hard disk. Right now that's not possible, since the computer's user needed to enter the password to let the remote manager in. The next generation will allow for power up and remote management without a password.

Currently, vPro has Cisco's Network Admission Control (NAC) but plans to add Microsoft Network Access Protection (NAP) as well, for administering Windows systems from a Server 2008 console.

Security is also enhanced by storing keys and other strong encryption passwords in silicon, not software, since software is the most common target of attack. It's also possible to intercept a password when it is being used in software. So Intel moved it to a harder point to crack, the silicon.

A better kill switch

Intel also plans to update the remote kill switch, which lets an administrator disable or wipe a laptop that's lost or stolen. But that requires the thief or person who found the lost laptop to turn it on and connect it to the Internet. The new vPro will allow an administrator to toast a laptop's contents even if they don't turn it on. Just walk into range of a wireless Internet network and your laptop will get the signal to self-destruct.

Going forward, Tryba said Intel is looking at both the Nehalem and the MID space. Nehalem is logical as it will be a desktop and eventually server platform. MID, however, would be a new one. "That whole market has a lot of the same needs as the regular laptop market so it would make sense," he told InternetNews.com.

Nehalem laptops will feature Intel Antitheft Technology, which Intel first announced at the April IDF in Shanghai, China. Built on the Intel Manageability System, this system will lock the system and lock the disk drive, so people cannot get at the data.

It could even use a laptop's built-in Webcam to show the face of the thief, which Intel demonstrated in a comical fashion here at the Intel Developer Forum (IDF). Pat Gelsinger, senior vice president and general manager of the Digital Enterprise group, disguised himself during a second keynote and stole a laptop from the stage, only to be exposed as using it and sitting in the audience a few minutes later.

Another new market for vPro is consumer. They are getting a subset of remote power on technology in the form of Remote Wake, which will power on a computer. Tryba said it's most likely use would be for Internet telephony, since a lot of them go through a PC, and it would spare having to leave a computer on or turning it on to make and receive phone calls.

Article courtesy of InternetNews.com

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter