Malware Reduction: Intel® Trusted Execution Technology (Intel® TXT)
Protecting your clients against software-based threats such as virus and reset attacks
What is it?
Help your customers better secure their IT infrastructure with Intel® Trusted Execution Technology (Intel® TXT).
Protecting against software-based threats such as virus and reset attacks as well as BIOS and firmware update attacks, Intel® TXT is a hardware-based solution that checks, validates, and helps secure key components within a server or PC at startup.
Using an infrastructure based in the Intel processor and known as the “root of trust,” Intel® TXT checks the consistency in behaviors and launch-time configurations against a verified benchmark called a “known good” value. It then quickly assesses and helps defend against any attempts to alter or tamper with your customer’s system before it’s even launched.
See how Intel® TXT protects your clients’ enterprise servers and PCs from malicious attacks.
Why it matters.
Malicious software programs or “malware,” such as viruses, are a consistent and growing threat to your customers’ IT infrastructure and their businesses.
While the mechanisms of malware vary, they all seek to:
- Corrupt systems
- Disrupt business
- Steal data
- Seize control of platforms.
Providing your customers with reliable security against such common—yet serious—threats as malware not only frees them from unwanted setbacks, it also builds trust, allowing you to deliver even higher-value products in the future.
As you bring a more shared, multi-tenant, and virtualized infrastructure model to your customers, the perimeter of their traditional network infrastructure becomes more exposed to vulnerabilities.
Also, traditional security software approaches of looking for “known bad” elements (the approach most used by anti-virus or anti-malware programs) are only partially effective at coping with the increasing volume and sophistication of attacks today.
Intel® TXT helps your customers stay a step ahead of today’s threats by using an additional enforcement point and a previously unseen known good–focused approach that checks for malicious software on both client and server platforms before they have even launched.
How it works
Quite simply, if your customer’s system’s launch sequence does not match Intel® TXT’s approved, known good sequence, it recognizes the threat and notifies them of this unexpected condition.
In more detail, Intel® TXT provides an infrastructure rooted in the processor that enables an accurate comparison of all the critical elements of the launch environment against a known good source.
To do this, it first allows creation of a known good profile by establishing a cryptographically unique identifier for each approved launch-enabled component. It then provides hardware-based enforcement mechanisms to detect the launch of any code that does not match the approved code.
Intel® TXT’s hardware-based approach provides your clients with the foundation on which you can continue to help build a trusted platform solution to better protect against software-based attacks. Furthermore, it is designed to scale with the needs of their organization and help protect both the user and the company infrastructure from malicious intent.
For more detailed look at Intel® TXT and how the full range of features it uses can secure your customers’ computing environments, read the white paper.