- Intel vPro
Intel vPro technology is a set of features built into a PC’smotherboard and otherhardware .cite web |title=Remote Pc Management with Intel's vPro |url=http://www.tomshardware.com/reviews/command-conquer,1591.html |publisher=Tom's Hardware Guide|accessdate=2007-11-21] cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] Intel vPro is not the PC itself, nor is it a single set of management features (such asIntel Active Management Technology (Intel AMT)) for sys-admins. Intel vPro is a combination of processor technologies, hardware enhancements, management features, and security technologies that allow remote access to the PC -- including monitoring, maintenance, and management -- independently of the state of theoperating system (OS) or power state of the PC.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] Intel vPro is intended to help businesses gain certain maintenance and servicing advantages, security improvements, and cost benefits ininformation technology (IT) areas.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Measuring the Value of Intel Core2 Processor with vPro Technology in the Enterprise|url=http://communities.intel.com/docs/DOC-1129|publisher=Intel|date=2006|accessdate=2008-08-14]Relationships between Intel vPro, Intel AMT, Intel Centrino 2, and Intel Core 2
The numerous Intel brands can be confusing. Here are the key differences between vPro (a platform), AMT (a technology), Centrino 2 (a package of technologies), and Core 2 (a processor).
Intel
Core 2 Duo or Quad processors arecentral processing units (CPUs), the brains of the PC.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] IntelCentrino 2 processor technology is a package of technologies that includes the Intel Core 2 Duo.cite web |title=Intel Centrino 2 Explained|url=http://news.cnet.com/8301-17938_105-9991160-1.html?tag=bl |publisher=CNET|accessdate=2008-07-15] Intel Centrino 2 is designed for mobile PCs, such aslaptops and other small devices. Core 2 and Centrino 2 use 45-nm nanotech manufacturing processes, havemulti-core processing, and are designed for multithreading.Intel vPro technology is a set of technologies built into the hardware of the laptop or desktop PC.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] The technology is targeted at businesses, not consumers. A PC with vPro includes Intel AMT, Intel Virtualization Technology (Intel VT), Intel
Trusted Execution Technology (Intel TXT), agigabit network connection, and so on. You can have a PC with a Core 2 processor, without vPro built in. However, vPro features require a PC with at least a Core 2 or Centrino processor. Current versions of vPro are built into PCs with Core 2 Duo or Quad processors or Centrino 2 processors.Intel AMT is part of the Intel Management Engine, which is built into PCs with Intel vPro technology.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] Intel AMT is a set of remote management and security features designed into the PC’s hardware and which allow a sys-admin with AMT security privileges to access system information and perform specific remote operations on the PC.cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] These operations include remote power up/down (via
wake on LAN ), remote / redirected boot (via integrated device electronics redirect, or IDE-R), console redirection (viaserial over LAN ), and other remote management and security features.Intel vPro technology Features
Intel vPro is a “platform” or set of PC hardware features. PCs with vPro have three main elements: 1) Core 2 Duo/Quad or Centrino 2 processor for business applications; 2) integrated components (such as 64-bit graphics) to reduce the number of discrete components in the system; and 3) hardware-based management and security technology (such as Intel AMT).cite web |title=Remote Pc Management with Intel's vPro |url=http://www.tomshardware.com/reviews/command-conquer,1591.html |publisher=Tom's Hardware Guide|accessdate=2007-11-21] cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=Intel Centrino 2 Explained|url=http://news.cnet.com/8301-17938_105-9991160-1.html?tag=bl |publisher=CNET|accessdate=2008-07-15] cite web |title=Intel vPro Chipset Lures MSPs, System Builders|url=http://www.crn.com/white-box/201802550|publisher=ChannelWeb|accessdate=Aug 2007] cite web |title=Intel Mostly Launches Centrino 2 Notebook Platform|url=http://www.crn.com/hardware/209100230?queryText=vPro|publisher=ChannelWeb|accessdate=July 2008] cite web |title=A new dawn for remote management? A first glimpse at Intel's vPro platform|url=http://arstechnica.com/articles/paedia/hardware/vpro.ars/1|publisher=ars technica|accessdate=2007-11-07] A vPro PC includes:
* Multi-core, multi-threaded Intel Core 2 Duo or Quad processors.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
* Intel Active Management Technology (Intel AMT), a set of hardware-based features targeted at businesses and which allow remote access to the PC for management and security tasks, when an OS is down or PC power is off.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] Note that AMT is not the same as Intel vPro; AMT is only one element of a vPro PC.
* Remote configuration technology for AMT, with certificate-based security. Remote configuration can be performed on “bare-bones” systems, before the OS and/or software management agents are installed.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=Intel Centrino 2 with vPro Technology|url=http://softwarecommunity.intel.com/articles/eng/1477.htm|publisher=Intel|accessdate=2008-06-30]
* Wired and wireless (laptop) network connection.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
* IntelTrusted Execution Technology (Intel TXT),cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=New Intel vPro Processor Technology Fortifies Security for Business PCs (news release) |url=http://www.intel.com/pressroom/archive/releases/20070827comp.htm |publisher=Intel|accessdate=2007-08-07] cite web |title=Intel Trusted Execution Technology|url=http://www.intel.com/technology/security/downloads/TrustedExec_Overview.pdf|publisher=Intel|date=2007|accessdate=2008-07-15] cite web |title=Intel Trusted Execution Technology: A Primer|url=http://softwarecommunity.intel.com/articles/eng/3702.htm|publisher=Intel|date=2007-12-10|accessdate=2008-08-17] which is used to verify a launch environment and establish the root of trust, which in turn allows software to build achain of trust for virtualized environments. Intel TXT also protects secrets during power transitions for both orderly and disorderly shutdowns (a traditionally vulnerable period for security credentials).
* Support forIEEE 802.1x ,Cisco Self Defending Network (SDN), andMicrosoft Network Access Protection (NAP) in laptops, and support for 802.1x and Cisco SDN in desktop PCs.cite web |title=Intel Software Network, engineer / developers forum|url=http://softwarecommunity.intel.com/isn/Community/en-US/forums/thread/30235057.aspx|publisher=Intel|accessdate=2008-08-09] cite web |title=Cisco Security Solutions with Intel Centrino Pro and Intel vPro Processor Technology|url=http://www.intel.com/business/casestudies/cisco.pdf|publisher=Intel|2007] Support for these security technologies allows Intel vPro to store the security posture of a PC so that the network can authenticate the system before the OS and applications load, and before the PC is allowed access to the network.cite web |title=New Intel vPro Processor Technology Fortifies Security for Business PCs (news release) |url=http://www.intel.com/pressroom/archive/releases/20070827comp.htm |publisher=Intel|accessdate=2007-08-07]
* Intel Virtualization Technology, including Intel VT for memory, CPU, and Directed I/O, to support virtualized environments. Intel VT is hardware-based technology, not software-based virtualization. Intel VT lets you run multiple OSs (traditional virtualization) on the same PC or run a specialized or critical application in a separate space -- a virtual PC on the physical system -- in order to help protect the application or privacy of sensitive information.cite web |title=Measuring the Value of Intel Core2 Processor with vPro Technology in the Enterprise|url=http://communities.intel.com/docs/DOC-1129|publisher=Intel|date=2006|accessdate=2008-08-14] cite web |title=New Intel vPro Processor Technology Fortifies Security for Business PCs (news release) |url=http://www.intel.com/pressroom/archive/releases/20070827comp.htm |publisher=Intel|accessdate=2007-08-07] [cite web |title=The Benefits of Intel Centrino with vPro Technology in the Enterprise |url=http://www.intel.com/business/business-pc/roi/centrinoprowhitepaper.pdf |publisher=Wipro Technologies|accessdate=September 2007]
* Execute Disable Bit which, when supported by the OS, can help prevent some types of buffer overflow attacks. [cite web |title=Execute Disable Bit and Enterprise Security|url=http://www.intel.com/technology/xdbit/?iid=SEARCH|publisher=Intel|accessdate=2008-08-10]
* Support forMicrosoft Windows Vista , including Microsoft Windows Vista BitLocker with an industry-standardTrusted Platform Module version 1.2 and Intel graphics support for Windows Vista AEROgraphical user interface . [cite web |title=High Performance, Enhanced Security|url=http://www.intel.com/intel/windowsvista/business.htm|publisher=Intel|accessdate=2008] [cite web |title=Windows Vista on PCs with Intel Centrino Pro or Intel vPro Processor Technology|url=http://www.intel.com/business/casestudies/windows_vista_solution_brief.pdf|publisher=Intel|accessdate=2007]Remote-Management Features
Intel AMT is the set of management and security features built into vPro PCs and which are intended to make it easier for a sys-admin to monitor, maintain, secure, and service PCs.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] Intel AMT (the management technology) is sometimes mistaken for being the same as Intel vPro (the PC "platform"), because AMT is one of the most visible technologies of an Intel vPro-based PC.
Intel AMT includes:
*Encrypted remote power up/down/reset (viawake on LAN , or WOL)cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]
*Remote/redirected boot (via integrated device electronics redirect, or IDE-R)cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]
*Console redirection (viaserial over LAN , or SOL)cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]
*Preboot access toBIOS settingscite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]
*Programmable filtering for inbound and outbound network trafficcite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=New Intel vPro Processor Technology Fortifies Security for Business PCs (news release) |url=http://www.intel.com/pressroom/archive/releases/20070827comp.htm |publisher=Intel|accessdate=2007-08-07]
*Agent presence checkingcite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=New Intel vPro Processor Technology Fortifies Security for Business PCs (news release) |url=http://www.intel.com/pressroom/archive/releases/20070827comp.htm |publisher=Intel|accessdate=2007-08-07]
*Out-of-band policy-based alertingcite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]
*Access to system information, such as the PC’s universal unique ID (UUID), hardware asset information, persistent event logs, and other information that is stored in dedicated memory (not on the hard drive) where it is accessible even if the OS is down or the PC is powered off.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|date=2008|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]Hardware-based management has been available in the past, but it has been limited to
auto-configuration usingDHCP orBOOTP fordynamic IP allocation and diskless workstations, as well asWake On LAN for remotely powering on systems. [cite web |title=A new dawn for remote management? A first glimpse at Intel's vPro platform |http://arstechnica.com/articles/paedia/hardware/vpro.ars/1|publisher=ars technica|accessdate=2007-26-07]Wired and Wireless Communication
Intel vPro supports encrypted wired and
wireless LAN wireless communication for all remote management features for PCs inside the corporatefirewall .cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] Intel vPro supports encrypted communication for some remote management features for wired andwireless LAN PCs outside the corporatefirewall .cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] [cite web |title=Understanding Intel AMT over wired vs. wireless (video) |url=http://communities.intel.com/docs/DOC-1129|publisher=Intel|accessdate=2008-08-14]Wireless Communication for Laptops
Laptops with vPro include a gigabit network connection and support
IEEE 802.11 a/g/n wireless protocols.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=New Intel-Based Laptops Advance All Facets of Notebook PCs|url=http://www.intel.com/pressroom/archive/releases/20080715comp_sm.htm#story|publisher=Intel|accessdate=2008-07-15] cite web |title=Understanding Intel AMT over wired vs. wireless (video) |url=http://communities.intel.com/docs/DOC-1129|publisher=Intel|accessdate=2008-08-14]Wireless Communication for Intel AMT
Intel vPro PCs support wireless communication to the AMT features.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Understanding Intel AMT over wired vs. wireless (video) |url=http://communities.intel.com/docs/DOC-1129|publisher=Intel|accessdate=2008-08-14] cite web |title=New Intel-Based Laptops Advance All Facets of Notebook PCs|url=http://www.intel.com/pressroom/archive/releases/20080715comp_sm.htm#story|publisher=Intel|accessdate=2008-07-15]
For wireless laptops on battery power, communication with AMT features can occur when the system is awake and connected to the corporate
network . This communication is available if the OS is down or management agents are missing.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Understanding Intel AMT over wired vs. wireless (video) |url=http://communities.intel.com/docs/DOC-1129|publisher=Intel|accessdate=2008-08-14]AMT
out-of-band communication and some AMT features are available for wireless or wired laptops connected to the corporatenetwork over a host OS-basedvirtual private network (VPN) when laptops are awake and working properly.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]Encrypted Communication while Roaming
Intel vPro PCs support encrypted communication while
roaming .cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=New Intel-Based Laptops Advance All Facets of Notebook PCs|url=http://www.intel.com/pressroom/archive/releases/20080715comp_sm.htm#story|publisher=Intel|accessdate=2008-07-15] cite web |title=Intel Active Management Technology Setup and Configuration Service, Version 5.0|url=http://softwarecommunity.intel.com/isn/downloads/Manageability/Intel_AMT_SCS_Console_Guide_5.0.pdf|publisher=Intel|accessdate=2008-08-04("see CIRA configuration discussion")]vPro PCs version 4.0 or higher support security for mobile communications by establishing a secure tunnel for encrypted AMT communication with the
managed service provider whenroaming (operating on an open, wired LAN outside the corporatefirewall ).cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] Secure communication with AMT can be established if the laptop is powered down or the OS is disabled.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] The AMT encrypted communication tunnel is designed to allow sys-admins to access a laptop or desktop PC at satellite offices where there is no on-siteproxy server or management server appliance.Secure communications outside the corporate
firewall depends on adding a new element -- a management presence server (Intel calls this a “vPro-enabled gateway”) -- to the network infrastructure.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] This will require integration withnetwork switch manufacturers,firewall vendors, and vendors who design management consoles in order to create an infrastructure that supports encryptedroaming communication . So although encrypted roaming communication is enabled as a feature in vPro PCs version 4.0 and higher, the feature may not be fully useful (except in having a "ready" PC) until the infrastructure is functional.ecurity and Intel vPro PCs
vPro security technologies and methodologies are designed into the PC’s
chipset and other systemhardware . Because the vPro security technologies are designed into system hardware instead ofsoftware , they are less vulnerable tohackers ,computer viruses ,computer worms , and other threats that typically affect an OS or software applications installed at the OS level (such asvirus scan , antispyware, inventory, and other security or management applications).cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]For example, during deployment of vPro PCs, security credentials, keys, and other critical information are stored in protected memory (not on the
hard disk drive ), and erased when no longer needed.Intel vPro Security Features
Intel vPro supports industry-standard methodologies and protocols, as well as other vendors’ security features:cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=New Intel vPro Processor Technology Fortifies Security for Business PCs (news release) |url=http://www.intel.com/pressroom/archive/releases/20070827comp.htm |publisher=Intel|accessdate=2007-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=Intel vPro Technology|url=http://www.intel.com/technology/vpro/ |publisher=Intel|accessdate=2008-07-14]
*IntelTrusted Execution Technology (Intel TXT).cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Intel Trusted Execution Technology|url=http://www.intel.com/technology/security/downloads/TrustedExec_Overview.pdf|publisher=Intel|date=2007|accessdate=2008-07-15] cite web |title=Intel Trusted Execution Technology: A Primer|url=http://softwarecommunity.intel.com/articles/eng/3702.htm|publisher=Intel|date=2007-12-10|accessdate=2008-08-17]
*Industry-standardTrusted Platform Module version 1.2 (TPM).cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
*Support forIEEE 802.1x ,Preboot Execution Environment (PXE),Cisco Self Defending Network (SDN), andMicrosoft Network Access Protection (NAP) in laptops, and support forIEEE 802.1x ,Preboot Execution Environment (PXE), andCisco Self Defending Network (SDN) in desktop PCs. cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] [cite web |title=Intel Software Network, engineer / developers forum|url=http://softwarecommunity.intel.com/isn/Community/en-US/forums/thread/30235057.aspx|publisher=Intel|accessdate=2008-08-09] cite web |title=Cisco Security Solutions with Intel Centrino Pro and Intel vPro Processor Technology|url=http://www.intel.com/business/casestudies/cisco.pdf|publisher=Intel|2007]
*Execute Disable Bit.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
*IntelVirtualization Technology (Intel VT).cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]Intel vPro Security Technologies and Methodologies
Intel vPro uses several industry-standard security technologies and methodologies to secure the remote vPro
communication channel . These technologies and methodologies also improve security for accessing the PC’s critical system data,BIOS settings, Intel AMT management features, and other sensitive features or data; and protect security credentials and other critical information during deployment (setup and configuration of Intel AMT) and vPro use.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] [cite web |title=Intel Active Management Technology Setup and Configuration Service Installation and User Manual|url=http://cache-www.intel.com/cd/00/00/32/09/320963_320963.pdf|publisher=Intel|accessdate=2008-07-14]
*Transport layer security protocol, includingpre-shared key TLS (TLS-PSK ) to secure communications over theout-of-band network interface. The TLS implementation uses AES 128-bit encryption andRSA keys with modulus lengths of 2048 bits. [cite web |title=Advanced Encryption Standard (AES) Instructions Set|url=http://softwarecommunity.intel.com/articles/eng/3788.htm|publisher=Intel|accessdate=2008-08-05] cite web |title=Hardening Measures Built into Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/3703.htm|publisher=Intel|date=2007-12-10|accessdate=2008-08-01] [cite web |title=Intel vPro Technology FAQ|url=http://softwarecommunity.intel.com/articles/eng/1151.htm|publisher=Intel|accessdate=2008-07-12]
*HTTP digest authentication protocol as defined in RFC 2617. The management console authenticates IT administrators who manage PCs with Intel AMTcite web |title=Hardening Measures Built into Intel® Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/3703.htm|publisher=Intel|date=2007-12-10|accessdate=2008-08-01]
*Single sign-on to Intel AMT withMicrosoft Windows domain authentication, based on the MicrosoftActive Directory andKerberos protocols.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
*Apseudorandom number generator (PRNG) in thefirmware of the AMT PC, which generates high-quality session keys for secure communication.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
*Only digitally signed firmware images (signed by Intel) are permitted to load and execute.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
*Tamper-resistant and access-controlled storage of critical management data, via a protected, persistent (nonvolatile) data store (a memory area not on the hard drive) in the Intel AMT hardware.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]
*Access control lists for Intel AMT realms and other management functions.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07]Hardware requirements
The first release of Intel vPro was built with an Intel
Core 2 Duo processor.cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] The current versions of Intel vPro are built into systems with 45 nm Intel Core 2 Duo or Quad processors, orCentrino 2 processors.PCs with Intel vPro require specific
chipsets . Intel vPro releases are usually identified by their AMT version.cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12]Hardware requirements for laptop PCs with Intel vPro
Laptops with Intel vPro require:
*For Intel AMT release 4.1 (Intel Centrino 2 with vPro technology):cite web |title=New Intel Centrino Atom Processor Technology Ushers in 'Best Internet Experience in Your Pocket'|url=http://www.intel.com/pressroom/archive/releases/20080401comp.htm|publisher=Intel|date=2008-04-02|accessdate=2008-08-07]
**45nm Intel Core2 Duo processor T, P sequence 8400, 8600, 9400, 9500, 9600; small form factor P, L, U sequence 9300 and 9400, and Quad processor Q9100.
**Mobile 45nm Intel GS45, GM47, GM45 and PM45 Express Chipsets (Montevina with Intel Anti-Theft Technology) with 1066 FSB, 6 MB L2 cache, ICH10M-enhanced.
*For Intel AMT release 4.0 (Intel Centrino 2 with vPro technology):cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Intel vPro Chipset Lures MSPs, System Builders|url=http://www.crn.com/white-box/201802550|publisher=ChannelWeb|accessdate=Aug 2007]
**45nm Intel Core2 Duo processor T, P sequence 8400, 8600, 9400, 9500, 9600; small form factor P, L, U sequence 9300 and 9400, and Quad processor Q9100.
**Mobile 45nm Intel GS45, GM47, GM45 and PM45 Express Chipsets (Montevina) with 1066 FSB, 6 MB L2 cache, ICH9M-enhanced.
*For Intel AMT release 2.5 and 2.6 (Intel Centrino with vPro technology):cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=Intel Centrino Pro and Intel vPro Processor Technology|url=http://download.intel.com/pressroom/kits/centrino/CentrinoPro_vPro_whitepaper.pdf|publisher=Intel|date=2007|accessdate=2008-08-07] cite web |title=Intel Mostly Launches Centrino 2 Notebook Platform|url=http://www.crn.com/hardware/209100230?queryText=vPro|publisher=ChannelWeb|accessdate=July 2008]
**Intel Core2 Duo processor T, L, and U 7000 sequence3, 45nm Intel Core2 Duo processor T8000 and T9000
**Mobile Intel 965 (Broadwater-Q) Express Chipset with ICH8M-enhanced.Note that AMT release 2.5 for wired/wireless laptops and AMT release 3.0 for dekstop PCs are concurrent releases.Hardware requirements for desktop PCs with Intel vPro
Desktop PCs with vPro (called “Intel Core 2 with vPro technology”) require:
*For AMT release 5.0:cite web |title=Gelsinger Speaks To Intel And High-Tech Industry's Rapid Technology Cadence|url=http://www.intel.com/pressroom/archive/releases/20070918corp_b.htm|publisher=Intel|date=2007-09-18|accessdate=2008-08-16]
**Intel Core2 Duo processor E8600, 8500, and E8400 ; 45nm Intel Core2 Quad processor Q9650, Q9550, and Q9400.
**Intel Q45 (McCreary) Express Chipset with ICH10DO.
*For AMT release 3.0, 3.1, and 3.2:cite web |title=Intel Centrino 2 with vPro Technology and Intel Core2 Processor with vPro Technology|url=ftp://download.intel.com/products/vpro/whitepaper/crossclient.pdf |publisher=Intel|accessdate=2008-08-07] cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=Intel vPro Chipset Lures MSPs, System Builders|url=http://www.crn.com/white-box/201802550|publisher=ChannelWeb|accessdate=Aug 2007]
**Intel Core2 Duo processor E6550, E6750, and E6850; 45nm Intel Core2 Duo processor E8500, E8400, E8300 and E8200; 45nm Intel Core2 Quad processor Q9550, Q9450 and Q9300.
**Intel® Q35 (Bearlake-Q) Express Chipset with ICH9DO.Note that AMT release 2.5 for wired/wireless laptops and AMT release 3.0 for dekstop PCs are concurrent releases.
*For AMT release 2.0, 2.1 and 2.2:cite web |title=Architecture Guide: Intel Active Management Technology|url=http://softwarecommunity.intel.com/articles/eng/1032.htm |publisher=Intel|date=2008-06-26|accessdate=2008-08-12] cite web |title=Intel Mostly Launches Centrino 2 Notebook Platform|url=http://www.crn.com/hardware/209100230?queryText=vPro|publisher=ChannelWeb|accessdate=July 2008] cite web |title=Intel Centrino Pro and Intel vPro Processor Technology|url=http://download.intel.com/pressroom/kits/centrino/CentrinoPro_vPro_whitepaper.pdf|publisher=Intel|date=2007|accessdate=2008-08-07]
**Intel Dual Core processor E6300, E6400, E6600, and E6700.
**Intel® Q9655 (Averill) Express Chipset with ICH8DO.See also
* Active Management Technology (AMT)
*Intel AMT versions
*Intel Core 2
*Centrino 2
*Centrino
*Intel Viiv References
External links
* [http://www.intel.drivevpro.com/ Intel vPro Training ]
* [http://news.cnet.com/8301-17938_105-9991160-1.html?tag=bl Intel Centrino 2 Explained (CNET)]
* [http://www.intel.com/technology/vpro/index.htm vPro on Intel.com]
* [http://www.theinquirer.net/gb/inquirer/news/2006/04/24/intel-vpro-is-everything-we-said-it-would-be Intel vPro is everything we said it would be]
* [http://www.xbitlabs.com/news/chipsets/display/20060424113310.html Intel vPro to Boost Security - Energy Efficiency - Cost Reduction]
* [http://podtech.net/?cat=37 Blogcast of the vPro Launch]
* [http://www.crn.com/white-box/201802550 Intel vPro Chipset Lures MSPs, System Builders (ChannelWeb, Aug 2007)]
* [http://www.intel.com/go/vproexpert Intel(r) vPro(TM) Expert Center]
* [http://communities.intel.com/docs/DOC-1171 PRO TOOL WIKI]
* [http://www.podtech.net/home/4679/roi-intel-vpro-technology-in-the-enterprise ROI PODcast]
Wikimedia Foundation. 2010.