Detecting a threat, notifying the IT management system of it, and restoring data and user productivity can be a time-consuming and costly process. The longer the time passed, the greater the potential cost of the threat.
Intel embedded security technologies and Intel® Active Management1 Technology (Intel® AMT) help maximize IT’s awareness, control, and response, while minimizing the costs of remediation and management. These technologies are part of business clients based on the Intel Core vPro processor family, enabling the following capabilities:
Monitoring and Prevention
Every business client based on a Intel Core vPro processor maintains a high level of its situational awareness with constant health monitoring, hardware and software inventories, and appropriate responses to any detected irregularities.
Prevention is Better than Remediation
Detecting and avoiding potential risk is easier and less costly than remediating an actual one. That’s why business clients with Intel Core vPro processors take periodic inventories of hardware and software, monitor their own health, and report irregularities.
These business clients keep records in non-volatile memory of all monitored activities and conditions, where IT personnel – or the automated console – can retrieve the information. Software inventories can be checked for currency and risk, and automatic updates scheduled accordingly – either immediately for high risk or during off-hours for lower risk applications. Known at-risk firmware can be remotely updated, and hardware can be flagged for upgrades or replacement as necessary. Prevention keeps costs down, and knowledge of every PC’s assets empowers IT to make efficient, informed, and intelligent decisions about how to manage its fleet of business clients.
Constantly Vigilant – Automatic Monitoring and Reporting of Critical Agent Presence
Some IT central management systems poll remote clients over the network for the presence of running, critical security agents, like antivirus and encryption software. Typically, the agents are present and active, meaning no threat is detected, but the request uses valuable network bandwidth for a positive report. And critical monitoring is interrupted if a network connection is unavailable, as with a laptop on the move.
Business clients with Intel AMT contain self-polling agents embedded in the system; these agents monitor and record the presence of critical software. The results of all polls are stored on the system in non-volatile memory for remote access at any time by IT.
If the necessary software does not report correctly, Intel AMT can contact the management console to notify IT and respond according to IT policies. By self-monitoring instead of responding to network polls, the client is continuously protected, regardless of network access, and does not take up bandwidth when the system is operating normally. Automated monitoring without direct IT intervention results in better protection at lower cost.
Containing Contagions – Automatic Network Monitoring and Response
Business clients based on Intel Core vPro processors protect themselves against many types of intrusion vectors, including monitoring network traffic. This level of monitoring and protection is handled in the hardware, by the network adapter, not running software, which can be potentially corrupted.
IT can define network filters that trigger a security response to protect both the client and the corporate assets on the network. Network threat detection includes the following methods:
When the system detects a threat, it immediately responds by isolating itself from the network to prevent the spreading of a contagion, or further participating in a DDoS attack. Network disconnection is handled by the network adapter, not the operating system’s network stack, to ensure the isolation is secured in hardware, beyond the reach of potentially invading stealthy crimeware.
The out-of-band remediation channel remains open for IT to remotely manage the system and restore it to service.
Staying Put – Minimizing Costs through Remote Remediation
According to industry studies, deskside and service-center calls make up only a small percent of PC problems in a typical business, but they take up the majority of the budget. When a visit is the result of an active threat, costs have already accumulated. Remote remediation minimizes the costs related to visits, and helps quickly return an employee back to productivity.
Intel AMT with KVM Remote Control put3 IT personnel in the driver’s seat – literally – with full remote control of a business client to enable the following capabilities:
Hardware-based technologies help automate and simplify protection and remediation, thus reducing costs.
While today’s cyber-criminals use new stealthy techniques for targeted attacks on companies and organizations, business clients based on Intel Core vPro processors help thwart these threats with built-in, hardware-based security technologies. These Intel technologies work below the OS and provide hardware assistance to advanced security agents beyond the OS.
All these built-in technologies, available only in systems based on Intel Core vPro processors, help keep companies and their data safer by protecting data and networks against today’s advanced persistent threats and targeted attacks. For more information, see www.intel.com/vpro.
1. Security features enabled by Intel® Active Management Technology (AMT) require an enabled chipset, network hardware and software and a corporate network connection. Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. Setup requires configuration and may require scripting with the management console or further integration into existing security frameworks, and modifications or implementation of new business processes. For more information, visit http://www.intel.com/technology/manage/iamt.
2. Systems using Client Initiated Remote Access (CIRA) require wired or wireless LAN connectivity and may not be available in public hot spots or “click to accept” locations.
3. KVM Remote Control (Keyboard Video Mouse) is only available with Intel® Core™ i5 vPro™ processors and Core™ i7 vPro™ processors with active processor graphics. Discrete graphics are not supported.
4. Intel® vPro™ Technology is sophisticated and requires setup and activation. Availability of features and results will depend upon the setup and configuration of your hardware, software and IT environment. To learn more visit: http://www.intel.com/technology/vpro/.