Intel vPro a Second Look
In our previous blog post on Intel vPro, we did an overview of what vPro was and what it can do. Now let’s go a little deeper and look at its security features of vPro. Specifically, we will be looking at Intel TDT, AMT, and hardware shield and how they help secure your network. The largest threat that looms of your network nowadays is one of the Rootkit and Bootkit viruses. These types of malware seek to infiltrate your computers and insert malicious code at the firmware and BIOS level. Once these types of malware are at that low level below your OS, they become difficult to deal with and detect. Conventional anti-malware software can only scan at the OS level and so they don’t detect this type of malware at a lower level. Now, let’s look at vPro can do to help with its security suite.
Preventing malware with Intel vPro
The first of the three that we will look at is Intel’s Hardware shield. Hardware shield is a hardware-based security feature that reduces the risk of malicious code being injected at BIOS runtime. It does this by a few means one being restricting memory access in the BIOS at runtime. The second thing it does is dynamically launch the OS and hypervisor in a secure environment. This secure environment is inaccessible to the computer’s firmware. This secure environment runs checks on the OS to see if there is malware faking the hardware. Having the hypervisor run Dynamically means that any virtual machines running the OS are not at risk of that same malware. The key feature of this class is that it gives the OS visibility into what is going on at the BIOS and firmware level.
Next, We come how do we go by detecting threats that have managed to make it past our preventative measures? This is where Intel Threat Detection Technology comes in. TDT is not a single program or hardware but a suite of them. This Suite offers an SDK that will help your IT department build the solution that best fits your needs. It also provides them with the tools they need to secure your networks and computers. The TDT breaks itself into two classes protection one being Silicon acceleration and the other Exploit detection.
First, we will look at the silicon acceleration class. This class is about offloading security workloads to onboard Intel engines. Functions like Accelerated Memory Scanning for detecting malware hiding on system memory can be offloaded to an onboard graphics engine. This expands coverage, improves scanning efficiency, and reduces overhead for this type of scan and many others. The idea behind the class is to reduce overhead and load on your system by offloading these functions onto hardware designed to do this fast and efficiently. Next, is the Exploit detection class. This class uses AI and hardware telemetry to profile malware. This improves detection and removes the need for intrusive scanning techniques or signature databases and is extremely useful for detecting malware that doesn’t have signatures.
Lastly, we come to Intel’s Active Management Technology which with Intel Endpoint Management Assistant helps you maintain control of your systems. Now especially more than ever preventing and responding to attack is crucial as many of your organization’s devices can be found outside your firewalls. Intel AMT can help you protect and maintain your computer fleet by allowing you to remotely patch low-level software. This same access can assist you in cases where one of your devices has become compromised. It allows you to create a secure connection to that device and remove malicious software. It also has the feature that allows for total KVM functionality allowing your IT to assist your team remotely.
To learn more about what Powerland in partnership with Intel can do to help your Organization succeed feel free to contact us. Contact us by using the form found below or by emailing us at firstname.lastname@example.org. One of our knowledgeable staff members is eager and waiting to help you.