take business pcs to the next level · security technologies in notebook and desktop pcs with...
TRANSCRIPT
Take business PCs to the next levelEnhanced security and remote manageability on the chip with Intel® Centrino® 2 with vPro™ technology for notebook PCs and
Intel® Core™2 processor with vPro™ technology for desktop PCs.
< Superior Remote Diagnostic and Repair: Conduct down-the-wire diagnostics and repair even if the OS is down or the wired notebook or desktop PC is outside the corporate firewall. >
< Speedy Remote Inventory: Remotely inventory hardware and software assets on wired or wireless PCs — whether powered down or the OS is unresponsive. >
< Advanced PC Protection: Use hardware-based virus filtering, isolation, and agent checking to help protect PCs and their software. >
2
< Help Protect Data from Theft: Automatically protect data from unauthorized access and/or disable the PC when a notebook is lost or stolen. >
< Fast Patch Saturation: Enable greater patch saturation in less time with encrypted remote PC power-on so you can update PCs anytime. >
Improve security and remote manageability with Intel® vPro™ technology-based notebook and desktop PCs
Building on a common technology foundation,
notebook and desktop computers with
Intel® vPro™ technology bring even more
security and management features to IT.
Intel vPro technology offers a unified, proven
approach to maintaining, managing, and protecting
computers throughout your organization — even
if the OS is unresponsive or the PC is powered
off1 — using the same IT management console.
You can also manage your notebooks securely
over a wired LAN, even outside the corporate
firewall. (See graphic on page 5 for complete con-
nectivity capabilities.) And select notebooks will be
ready for on-the-go wireless access beyond today’s
hot spots, through an optional, integrated WiFi/
WiMAX card2.
Plus, PCs with Intel vPro technology contain the
high-performance, energy-efficient Intel® Core™2
processor providing proactive security, built-in
remote manageability, and energy-efficient
performance for both your notebook and
desktop PCs.
Intel® Centrino® 2 with vPro™ technology for notebook PCs and Intel® Core™2 processor with vPro™ technology for desktop PCs will change your IT reality. Our latest technology is optimized for business computers, taking you to the next level with leading-edge security and manageability built right into the chip.
Best for business – Intel® Centrino® 2
with vPro™ technology and Intel® Core™2
processor with vPro™ technology
3
Computers with Intel vPro technology
incorporate hardware-based security and
enhanced maintenance and management
capabilities that integrate seamlessly with
consoles from leading Independent Software
Vendors (ISVs).4 Because these capabilities
are built into the hardware, Intel vPro technology
delivers the industry’s first solution for
OS-absent manageability and down-the-wire
security even when the PC is off, the OS
is unresponsive, or software agents are
disabled — even in 802.1x, PXE, Cisco Self-
Defending Network* (Cisco SDN*), and
Microsoft Network Access Protection*
(Microsoft NAP*) environments.
Notebook and desktop PCs with
Intel vPro technology are available
from a wide range of PC manufacturers
and technology service providers. These
high-performance, feature-rich PCs are
ready to accommodate new technologies
or software such as Windows 7* or Office
2007.* Powered by the Intel Core 2 Duo
processor or the Intel Core 2 Quad processor,
you also get exceptional desktop and note-
book performance to support compute-
intensive applications, as well as great
battery life and smaller, more innovative
notebook designs.
A unified framework for secure, remote management of PCs Extend your management console with proven Intel® vPro™ technology: even more secure remote management of both notebooks and desktop PCs from the same management console.
Intel® vPro™ technology enables up to
94% faster inventories, greater policy
compliance, up to 56% fewer deskside
service visits, and less interruption
to business operations.3
4
55
a Systems using client-initiated remote access require wired LAN connectivity and might not be available in public hot spots or “click to accept” locations. For more information on PC-initiated remote access, visit, www.intel.com/products/centrino2/vpro/index.htm. PC-initiated remote communication is supported only in the latest notebooks and desktop PCs with Intel vPro technology.
b Requires WPA or WPA2/802.11i security and Controller Link 1 for wireless operation when user OS is down.c Intel® Anti-Theft Technology (PC protection) is only available on select notebooks (check with your OEM) with a specific firmware and BIOS version. Some functionality, like preboot authentication, local timer expiration, and self administered poison pill do not require network connectivity or a functional/responsive OS. The remote PC/data access disablement (triggered by the administrator or service provider via a flag in a central database) does require network connectivity, the system awake (on), and the operating system fully responsive. Intel Anti-Theft Technology does not work when the system is any sleep state (Sx).
Intel® vPro™ technology use cases and capabilitiesPlugged into an AC power source and connected to a wired or wireless network inside the corporate firewall, the security and management capabilities of Intel vPro technology are virtually identical for both notebooks and desktop PCs. Key capabilities – such as remote power up, remote boot, console redirection, access to preboot BIOS settings – are also available for wireless notebooks on AC power regardless of sleep state. Outside the corporate network, all capabilities are available over secure communications on a wired LAN for both notebook and desktop PCs. And, some remote capabilities, such as agent presence checking, asset inventorying and alerting, are available even over a host OS-based virtual private network (VPN).
Use Cases Usages
Works with wired PC-initiated secure
communication outside corporate
firewalla
AC-powered wired or wireless notebook or
wired desktopBattery-powered
wired or wireless notebook
AWAKE, OS WORKING PROPERLY
AWAKE, BUT OS UNRESPONSIVE
ASLEEP (Sx) AWAKE, OS WORKING PROPERLY
AWAKE, BUT OS UNRESPONSIVE
ASLEEP (Sx)
Remote power up/ power cycle
IT resets PC to clean state (or powers up PC for servicing). Use power management to reduce energy costs.
YES YES YESb YES YES YESb N/A
Encrypted, remote software update
Automated or manual policy-based protection against virus outbreaks. YES YES YESb YES YES YESb N/A
Agent presence checking and alerting
Ensure critical applications are running, and be quickly notified when they miss a check in.
YESYES
Also available in presence of host OS-based VPN
YESb N/A YESAlso available in presence of host OS-based VPN
YESb N/A
System isolation and recovery
Automated or manual policy-based protection against virus outbreaks. YES YES YESb N/A YES YESb N/A
Protection for data if a notebook is lost or stolenc
Identify and prevent unauthorized access to encrypted data, or disable the notebook via local or remotely triggered poison pill if PC is lost or stolen.
YESfor notebooks
YES for notebooks
Also available in presence of host
OS-based VPN
YESfor notebooks
N/AYES
Also available in presence of host OS-based VPN
YES N/A
Remote diagnosis and repair
Diagnose and repair problems remotely via out-of-band event log, remote/redirected boot, console redirection, and preboot access to BIOS settings.
YES YES YESb YES YES YESb N/A
Remote hardware and/or software asset tracking
Take a hardware or software inventory regardless of OS state or power state.
YESYES
Also available in presence of host OS-based VPN
YESb YESYES
Also available in presence of host OS-based VPN
YESb N/A
Remote configuration Configure and provision PCs without a deskside visit. N/A YES N/A N/A YES N/A N/A
6
HARDWARE-ENHANCED VIRTUALIZATION: IT’S TIME FOR PC DEFENSE IN-DEPTH
Deliver OS and application software to business PCs through next-generation
standard-practices using protected, high-performance virtualization – and
create faster, more secure, more protected environments for your mission-
critical applications and most sensitive data.
Traditional and next-generation virtualization Built-in Intel® Virtualization Technology (Intel® VT)5 for notebook and desktop
PCs with Intel® vPro™ technology helps you efficiently run more than one OS
on a PC. These PCs support both traditional and next-generation application
delivery, such as using virtualization to stream OSs and applications – even
full system builds – into more secure, isolated virtual containers as-needed.
The combination of streaming and virtual containers lets IT manage software
independently of hardware, protect IT tasks from tampering, isolate corporate
data from personal data, and increase security for mission-critical applications
without overly limiting the worker’s use of personal but unsupported software.
Trusted launch and protected shutdownIntel® Trusted Execution Technology (Intel® TXT)6 and industry-standard
TPM 1.2 help the PC boot software into a trusted state and also protect
credentials during both orderly and disorderly shutdowns. These features
enable an additional layer of security, helping protect the integrity of the
virtual machine monitor and critical business data.
Multiply your security levelsWith enhanced isolation, greater efficiency, and lower overhead, Intel VT and
Intel TXT can help you protect virtual environments against rootkit and other
attacks, improve security, and minimize business risk.
Proactively protect your notebook and desktop PCsProtect your infrastructure and help ensure business continuity with the unique hardware-enhanced security technologies in notebook and desktop PCs with Intel® vPro™ technology. Now you can stop many threats before they reach the operating system, isolate infected systems, and update PC security software more efficiently and effectively than ever before.
The hardware-based capabilities of Intel vPro technology
improve network traffic filtering and isolate clients
under attack to protect your network. Automatic
verification of the presence of security agents
and immediate remote restoration enhance your
preventive security efforts. With new optional
Intel® Anti-Theft Technology (Intel® AT)7 for
notebooks, you can automatically prevent unauthor-
ized access to encrypted data or disable the system
(through programmable triggers) if the notebook is
lost or stolen – and still recover quickly and completely
with an approved passphrase or IT-controlled token
when the system is returned to the user.
Even from outside the corporate firewall, a wired
notebook or desktop PC can initiate a secure
connection to the IT console to alert you to
critical events – such as falling out of compliance.
Integrated posture authentication in wired or wireless
notebook and desktop PCs lets you respond quickly
with Intel vPro technology’s out-of-band manage-
ability even in 802.1x, PXE, Cisco SDN, and Microsoft
NAP environments. And with secure, reliable remote
power-up functionality, you can deploy off-hours
patches across your enterprise faster and without
disrupting end users, speeding up patch saturation
by up to 56%.3
Intel vPro technology also enables more accurate
inventories to help ensure all systems are compliant
with security policies. Additionally, the hardware-
assisted antivirus protection of Execute Disable
Bit helps protect your PCs from certain viruses
that use buffer overflow attack.8
7
INTEL® CENTRINO® 2 with vPro™ TECHNOLOGYOperate wirelessly with greater security, reliability, predictability, and perform- ance. Beyond their proactive security – including new optional Intel® Anti-Theft Technology – and their built-in manageability features, Intel® Centrino® 2 with vPro™ technology-based notebooks deliver the outstanding mobile experience of the Intel® Centrino® processor technology family:
• Over 30% faster when multitasking business applications.9
• Power-optimized chipset, DDR3 memory (which helps lower the total device power consumption while still allowing data to flow faster), and great battery life.
• Help enable secure, flexible wireless connectivity by supporting 802.11 a/b/g/n wireless protocols offering up to 5x the performance on an 802.11n network with greater reliability and predictability.10
• Optional integrated WiFi/WiMAX card for on-the-go wireless access beyond today’s hotspots.2
Reduce maintenance costs and stay compliant Using hardware-based technologies, you can remotely manage both notebook and desktop PCs with Intel® vPro™ technology. These capabilities work with management solutions from leading ISVs such as HP, LANDesk, Microsoft, and Symantec to enhance down-the-wire control of your company’s computers and streamline maintenance and other operations.
When desktops or notebooks experience issues,
you can speed recovery times, minimize deskside
visits, and improve technician efficiencies.
Intel vPro technology can help you diagnose and
repair both wired and wireless systems remotely –
even notebooks outside the corporate firewall –
cut downtime, and reduce the average in-person IT
support time. You can even access notebook and
desktop PCs when the OS is unresponsive, while
from the user’s side, a new “fast help” hotkey lets
them quickly and securely connect the PC to the
help desk for servicing from outside the corporate
firewall.11 Intel vPro technology also allows you to
perform remote asset tracking and check the
presence of management agents virtually any-
time. This functionality helps you conduct hard-
ware and software inventories up to 94% faster
than manually per PC.3 These notebooks and desk-
top PCs can initiate secure communications to the
IT console from outside or inside the corporate
firewall to check for patches, inventory requests,
and other updates, making it even easier to
schedule maintenance and other work.
Select PCs with Intel vPro technology are part of
the Intel® Stable Image Platform Program (Intel®
SIPP),12 so you can avoid unexpected changes that
might force software image revisions or hardware
re-qualifications. This helps your team more
effectively plan replacement cycles and reduce
the number of deployed client configurations.
Plus, these PCs are built on industry standards
such as ASF, SOAP, TLS, WS-MAN and DASH.*
ENTERPRISES ARE BENEFITING Intel® Centrino® 2 with vPro™ technology
and Intel® Core™2 processor with vPro™ technology enable you to shift your focus from managing your PCs to accelerating your overall business success.
Proven technology delivers positive ROIEDS is a leading global technology services company. A recent ROI analysis of Intel vPro technology conducted by EDS concluded that the hardware-based security and manageability capabilities of Intel vPro technology could deliver a positive ROI of 294% over 3 years, with a break-even point at 2 years.13 EDS projects estimated savings of $320,000 in 3 years, and a productivity benefit equivalent to $440,000 across 3 years by deploying Intel vPro technology.13
Save on power bills via improved remote power managementCompanies are finding that Intel vPro technology helps them go “green,” reduce energy consumption, save significantly on energy costs, and improve corporate responsibility – without sacrificing manageability. With Intel vPro technology, you can remotely power up PCs for off-hours maintenance and other work, so you can make better use of the power-management features of your management console. For example, a recent Siemens study concluded that, by using Intel vPro technology to provide IT services while PCs are powered-off during non-work hours for an IT infrastructure of 5000 desktop PCs, Siemens could save 1.28 KWh per PC per day, equating to a savings of $264,000 every year in power bills alone.14
8
The industry-leading performance of
Intel Core 2 processors enable you to
multitask or run background management
applications for manageability, security
or communications while maintaining
superior responsiveness for foreground
applications.
• Up to 30% faster performance when
multitasking.9
• Up to 35% faster performance on
compute-intensive apps.9
At the same time, their great energy
efficiency enables smaller, quieter systems
and delivers great battery life for mobile
PCs. These 64-bit PCs15 offer full support
for Windows Vista* and Windows 7,* includ-
ing integrated Intel graphics support for the
Windows Aero* interface, and the perfor-
mance for Microsoft Office* 2007 and
other next-generation software.
Setting new standards in energy-efficient performanceWhen your business needs to respond, your PCs will be responsive. PCs with Intel® vPro™ technology are powered by the dual-core or quad-core Intel® Core™2 processor for more computing power and better energy efficiency.
The Intel® Core™2
processor is at
the heart of PCs
with Intel® vPro™
technology.
9
Faster Application Performance with Intel® Core™2 Duo Processor16,17
• More than 150% faster on desktop office productivity benchmarks
• Up to 35% faster on notebook office productivity benchmarks
• Over 4x faster on advanced Microsoft Excel* calculations for desktop PCs
• Over 2.5x faster on advanced Microsoft Excel calculations for notebooks PCs
Intel® vPro™ technology can help cut
average user downtime and reduce the
average in-person IT support time.
Security and manageability for superior business performanceTake your business computing to the next level
with Intel vPro technology. Now you can minimize
the time and money spent on PC management
and focus on IT innovation, thanks to this unified
approach for more efficiently managing your note-
book and desktop computers. The proactive security,
built-in remote manageability, and energy-efficient
performance of notebook and desktop computers
with Intel vPro technology delivers excellent return
on investment (ROI)3 and will directly benefit your
business. With broad support from leading PC manu-
facturers, ISVs, and IT service providers, these note-
book and desktop PCs deliver a complete solution
for a wide range of business environments and
a superior foundation for your transition to
Windows Vista.
Take advantage of the latest advances from Intel
and focus on accelerating your overall business
success. Make the move to Intel Centrino 2 with
vPro technology and Intel Core 2 processor
with vPro technology today.
For more information about PCs with Intel vPro
technology, visit: www.intel.com/vpro
Blog with the pros who have deployed Intel vPro
technology: www.intel.com/go/vproexpert
10
< Minimize the need for deskside visits. >
< Help protect your network from intrusion and malicious attacks. >
< Better protect your data assets from loss or theft.>
11
< Help ensure all your PCs always have the most up-to-date security. >
1 Intel® vPro™ technology includes powerful Intel® Active Management Technology (Intel® AMT). Intel AMT requires the computer system to have an Intel® AMT-enabled chipset, network hardware and software, as well as connection with a power source and a corporate network connection. Setup requires configuration by the purchaser and may require scripting with the management console or further integration into existing security frameworks to enable certain functionality. It may also require modifications of implementation of new business processes. With regard to notebooks, Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. For more information, see www.intel.com/technology/platform-technology/intel-amt/.
2 Requires WiMAX service subscription.3 Results shown are from the 2007 EDS Case Studies with Intel® Centrino® Pro and the 2007 EDS case studies with Intel® vPro™ processor technology,
by LeGrand and Salamasick., 3rd party audit commissioned by Intel, of various enterprise IT environments and the 2007 Benefits of Intel® Centrino® Pro Processor Technology in the Enterprise, Wipro Technologies study commissioned by Intel and may not be representative of the results that can be expected for smaller businesses. The EDS studies compare test environments of Intel® Centrino® Pro and Intel® vPro™ processor technology equipped PCs vs non- Intel® vPro™ processor technology environments. The Wipro study models projected ROI of deploying Intel® Centrino® Pro processor technology. Actual results may vary. The studies are available at www.intel.com/vpro, www.wipro.com, www.eds.com.
4 Contact your ISV for specific implementation schedules and support for both desktop and notebook PCs. 5 Intel® Virtualization Technology requires a computer system with an enabled Intel® processor, BIOS, Virtual Machine Monitor (VMM) and, for some
uses, certain computer system software enabled for it. Functionality, performance or other benefits will vary depending on hardware and software configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your application vendor.
6 No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology (Intel® TXT) requires a computer system with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). The MLE could consist of a virtual machine monitor, an OS or an application. In addition, Intel TXT requires the system to contain a TPM v1.2, as defined by the Trusted Computing Group and specific software for some uses. For more information, see http://www.intel.com/technology/security.
7 No computer system can provide absolute security under all conditions. Intel® Anti-Theft Technology (Intel® AT) for PC protection (also referred to as the ‘poison pill’ in some documents) requires the computer system to have an Intel® AT-enabled chipset, BIOS, firmware release, software and an Intel AT-capable Service Provider/ISV application and service subscription. Intel® AT (PC Protection) performs the encrypted data access disable by preventing access to or deleting cryptographic material (e.g. encryption keys) required to access previously encrypted data. ISV-provided Intel-AT-capable encryption software may store this cryptographic material in the PC’s chipset. In order to restore access to data when the system is recovered, this cryptographic material must be escrowed/backed up in advance in a separate device or server provided by the security ISV/service provider. The detection (triggers), response (actions), and recovery mechanisms only work after the Intel® AT functionality has been activated and configured. The activation process requires an enrollment procedure in order to obtain a license from an authorized security vendor/service provider for each PC or batch of PCs. Activation also requires setup and configuration by the purchaser or service provider and may require scripting with the console. Certain functionality may not be offered by some ISVs or service providers. Certain functionality may not be available in all countries. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof.
8 Enabling Execute Disable Bit functionality requires a PC with a processor with Execute Disable Bit capability and a supporting operating system. Check with your PC manufacturer on whether your system delivers Execute Disable Bit functionality.
9 Measured using SYSmark* 2007 Preview, BAPCo’s latest version of the mainstream office productivity and Internet content creation benchmark tool used to characterize the performance of the business client, comparing latest generation comparing Intel® Centrino® 2 processor technology-based notebooks with comparable frequency first generation dual-core Intel Centrino processor technology based notebooks. SYSmark 2007 Preview features user-driven workloads and usage models developed by application experts. Actual performance may vary. See http://www.intel.com/ go/consumerbenchmarks for important additional information.
10 Up to 2x greater range and up to 5x better performance with optional Intel® Next-Gen Wireless N technology enabled by 2x3 Draft N implementations with 2 spatial streams. Actual results may vary based on your specific hardware, connection rate, site conditions, and software configurations. See www.intel.com/performance/mobile/index.htm for more information. Also requires a Connect with Intel® Centrino® processor technology certified wireless n access point. Wireless n access points without the Connect with Intel Centrino processor technology identifier may require additional firmware for increased performance results. Check with your PC and access point manufacturer for details.
11 Systems using client-initiated remote access require wired LAN connectivity and may not be available in public hot spots or “click to accept” locations. For more information on client-initiated remote access visit, http://www.intel.com/products/centrino2/vpro/index.htm .
12 Check with your PC vendor for availability of computer systems that meet Intel® Stable Image Platform Program (Intel® SIPP) guidelines. A stable image computer system is a standardized hardware configuration that IT departments can deploy into the enterprise for a set period of time, which is usually 12 months. Intel SIPP is a client program only and does not apply to servers or Intel-based handhelds and/or handsets.
13 Source: EDS Intel vPro Call Center ROI Analysis, January 2008. 14 Source: Siemens IT Solutions and Services newsletter, 2007. 15 64-bit computing on Intel architecture requires a computer system with a processor, chipset, BIOS, operating system, device drivers and applications
enabled for Intel® 64 architecture. Performance will vary depending on your hardware and software configurations. Consult with your system vendor for more information.
16 (Desktop) Pre-production Intel® Core™2 Duo Processor E8200 (6MB L2, 2.66GHz, 1333MHz FSB) and Pre-Production Intel Core™2 Quad Processor Q9450 (6MBx2 L2, 2.66GHz, 1333MHz FSB) on Intel DQ35JOE board, Intel Chipset Software Installation File 8. 30.1013, 2x1GB Dual Channel Micron* PC2-6400 DDR2 800 5-5-5-15. Intel® Pentium® 4 Processor 530 (1MB L2, 3.00GHz, 800MHz FSB) on Intel D945GCL board, Intel GMA950 Express Chipset, Intel Chipset Software Installation File 8.1.1.1010, 2x1GB Dual Channel Micron* PC2-6400 DDR2 667 5-5-5-15. Common to all platforms: Seagate* 320GB Barracuda 7200.10 NCQ Serial ATA 7200 RPM, Windows* Vista* Ultimate 32bit. Performance tests and ratings are measured using specific computer systems and / or components and reflect the approximate performance of Intel products as measured by those tests. (Mobile) Based on measured Intel® Pentium® M 780 (2MB L2, 2.26GHz, 533FSB) and estimated Intel® Pentium M 770 (2MB L2, 2.13GHz, 533FSB) versus Pre-Production Mobile Intel Core™2 Duo Processor T8100 (3MB L2, 2.10GHz, 800MHz FSB ) on Intel Matanzas Customer Reference Board board, Intel Chipset Software Installation File 8.2.0.012, 2x1GB Dual Channel Micron* PC2-5300 DDR2 800 5-5-5-15, Hitachi* 100GB TravelStar* Serial ATA 7200 RPM, Windows* Vista* Ultimate 32bit. Performance tests and ratings are measured using specific computer systems and / or components and reflect the approximate performance of Intel products as measured by those tests. Any difference in system hardware or software design or configuration may affect actual performance. Buyers should consult other sources of information to evaluate the performance of systems or components they are considering purchasing. For more information on performance tests and on the performance of Intel products, visit http://www.intel.com/performance/.
17 Comparing latest generation Intel® Centrino® 2 processor technology-based notebooks with comparable frequency to first generation dual-core Intel Centrino processor technology based notebooks. Measured usig SPECint*_rate_base2006 and SPECfp*_rate_base2006 capacity-based metrics used to measure throughput of a computer that is performing a number of tasks. Actual performance may vary. See http://www.intel.com/ go/consumerbenchmarks for important additional information.
www.intel.com/vpro
Copyright © 2009, Intel Corporation. All rights reserved. Intel, Centrino, Centrino 2 inside, Intel vPro, Core Inside, Intel Core, and Pentium are trademarks of Intel Corporation in the U.S. and other countries.
*Other names and brands may be claimed as the property of others.
Printed in USA 0609/LKY/OCG/XX/PDF Please Recycle 316806-008US