Intel® vPro™ Technology
Built-in security for greater protection
An added layer of security for businesses and intelligent systems
Today’s businesses and intelligent systems developers face four critical areas of IT security:
- Threat management, including protection from rootkits, viruses, and malware
- Identity and website access point protection
- Confidential personal and business data protection
- Remote and local monitoring, remediation, and repair of PCs and workstations
Intel® vPro™ technology addresses each of these and other needs through its comprehensive set of security, manageability, and productivity-enhancing capabilities. This technology is built into the new Intel® Core™ vPro™ processor family, the Intel® Xeon® processor E5-2600, E5-1600, and E3-1200 product families, Intel® chipsets, and network adapters that simplify and accelerate these four critical IT functions.1,2
While Intel vPro technology is conveniently built in, some of its unique features require action to deploy them based on the organization’s needs and policies. Thanks to Intel® Setup and Configuration Software 8.0, IT managers can implement Intel vPro processor–based PCs or workstations in a matter of minutes.2
Prevent attacks below the operating system
Intel vPro technology protects against difficult-to-detect, penetrating rootkits and malware that threaten users working in cloud or virtual environments. It combines several hardware-based features, including Intel® Trusted Execution Technology (Intel® TXT)3 and Intel® Virtualization Technology (Intel® VT)4 for centralized image management and administration, secure network storage, and out-of-band protection—all beyond the firewall.
Protect confidential business, employee, and customer information
Traditional forms of account authentication are no longer enough. That’s why Intel vPro technology provides multiple lines of built-in defenses, starting with the online safety features of Intel® Identity Protection Technology (Intel® IPT)5: embedded one-time password, built-in public key infrastructure (PKI), and protected transaction display.
Intel® AES New Instructions6 provides additional protection, and can encrypt data up to four times faster without interfering with user productivity.7 The technology employs Intel® Secure Key,8 a hardware-based encryption technology that generates higher-quality random numbers, making data encryption even more secure for safer online interactions.
Respond to security breaches with speed and agility
Because Intel vPro technology is embedded in hardware, its capabilities are accessed and administered separately from the hard drive, OS, and software applications—in a pre-boot environment. This makes management less susceptible to issues affecting these areas. It also allows remote access to the PC or workstation, regardless of the system’s power state or OS condition. This technology:
- Allows IT technicians to quickly deploy security patches across PCs, remotely unlock encrypted drives, and manage data security settings
- Gives IT help desk personnel complete control over a platform with unique features like KVM Remote Control9 with support for three simultaneous display configurations, 27 additional languages, and enhanced mouse improvements across multiple screens
- Enables IT to remotely diagnose, isolate, and repair infected platforms after a security breach occurs
- Uses Intel® Active Management Technology (Intel® AMT)10 and is complemented by management and security solutions like McAfee Deep Command* or Microsoft System Center* to facilitate remote management of platform applications, even when the platform is turned off, as long as the platform is connected to a power line or network
- Delivers the most advanced security and compute-model flexibility for consumerization with the addition of Intel® Virtual Machine Control Structure Shadowing (Intel® VMCS Shadowing), enabling greater control and separation of IT-managed and your user-owned operating environment partitions
Intel vPro Technology in Intelligent Systems
Automated teller machines (ATMs)
Intel vPro technology features, such as Intel AMT, enable banks to quickly troubleshoot and repair an ATM remotely, thereby increasing its availability. Meanwhile, Intel VT can improve reliability by allowing the bank transaction application to run safely in isolation of non-critical applications, such as advertising videos. Finally, Intel TXT protects the ATM by preventing unauthorized software—which may have been inadvertently loaded onto the system—from starting up.
1. No computer system can provide absolute security under all conditions. Built-in security features available on select Intel® processors may require additional software, hardware, services and/or an Internet connection. Results may vary depending upon configuration. Consult your system manufacturer for more details. For more information, see http://www.intel.com/content/www/us/en/security/security-at-home.html.
2. Intel® vPro™ technology is sophisticated and requires setup and activation. Availability of features and results will depend upon the setup and configuration of your hardware, software, and IT environments. To learn more visit: www.intel.com/content/www/us/en/architecture-and-technology/vpro/vpro-technology-general.html.
3. No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology requires a computer system with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). The MLE could consist of a virtual machine monitor, an OS or an application. In addition, Intel TXT requires the system to contain a TPM v1.2, as defined by the Trusted Computing Group, and specific software for some uses. For more information, see www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html.
4. Intel® Virtualization Technology (Intel® VT) requires a computer system with an enabled Intel® processor, BIOS, and virtual machine monitor (VMM). Functionality, performance, or other benefits will vary depending on hardware and software configurations. Software applications may not be compatible with all operating systems. Consult your PC manufacturer. For more information, visit www.intel.com/content/www/us/en/virtualization/virtualization-technology/hardware-assist-virtualization-technology.html.
5. No system can provide absolute security under all conditions. Requires an Intel® Identity Protection Technology (Intel® IPT) enabled system, including a 2nd or 3rd generation Intel® Core™ processor or an Intel® Xeon® processor E3-1200 v2 product family, enabled chipset, firmware and software, and participating website. Consult your system manufacturer. Intel assumes no liability for lost or stolen data and/or systems or any resulting damages. For more information, visit http://ipt.intel.com.
6. Intel® AES New Instructions (Intel® AES-NI) requires a computer system with an Intel® AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. For availability, consult your reseller or system manufacturer. For more information, see software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/.
7. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations, and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to http://www.intel.com/performance. Results have been measured by Intel based on software, benchmark or other data of third parties and are provided for informational purposes only. Any difference in system hardware or software design or configuration may affect actual performance. Intel does not control or audit the design or implementation of third party data referenced in this document. Intel encourages all of its customers to visit the websites of the referenced third parties or other sources to confirm whether the referenced data is accurate and reflects performance of systems available for purchase.
8. No system can provide absolute security. Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) requires a computer system with an Intel® AES-NI-enabled processor, as well as software to execute the instructions in the correct sequence. Intel® Secure Key requires an Intel® Secure Key-enabled platform, available on select Intel® processors, and software optimized to support Intel® Secure Key. Consult your system manufacturer for more information and availability.
9. KVM Remote Control (Keyboard Video Mouse) is only available with dual-core Intel® Core™ i5 vPro™ and Core™ i7 vPro™ processors with active integrated graphics. Discrete graphics are not supported.
10. Security features enabled by Intel® Active Management Technology (Intel® AMT) require an enabled chipset, network hardware and software and a corporate network connection. Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating, or powered off. Setup requires configuration and may require scripting with the management console or further integration into existing security frameworks, and modifications or implementation of new business processes. For more information, visit http://www.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html.