15
White Paper: The All New 2010 Intel® Core™ vPro™ Processor Family: Intelligence that Adapts to Your Needs
Receive alerts even if a system
is off the corporate network
PCs with a new Intel Core vPro processor have policy-based alerting
built into the system. IT administrators can define the types of alerts
they want to receive. Although all alerts are logged in the persistent
event log, IT administrators can receive only the alerts they want.
In this way, alerts that are not as critical do not add substantially
to network traffic.
Alerting within the corporate network
Since alerting uses the OOB communication channel, IT administrators
can receive critical notifications from PCs within the corporate network
out-of-band, virtually anytime, even if the OS is inoperable, hardware
has failed, or management agents are missing.
Alerting from outside the corporate network
IT can even receive notifications from a PC (awake and OS operable) that
is connected to the corporate network through a host OS-based VPN or
when connected via wired or wireless LAN on an open network outside
the corporate firewall. IT administrators can now be notified rapidly and
automatically when a system falls out of compliance, hardware is about
to fail — sometimes even before users know they have a problem, or
applications hang.
Out-of-band management even with 802 1x,
Cisco SDN, and Microsoft NAP
In the past, IT administrators often felt they had to choose between
using out-of-band management and maintaining full network security
with 802.1x, Cisco SDN, or Microsoft NAP. With the latest PCs with a new
Intel Core vPro processor, network security credentials can be embedded
in the hardware. This includes an Intel® Active Management Technology
1
(Intel® AMT) posture plug-in, which collects security posture information
(such as firmware configuration and security parameters), and the Intel
AMT Embedded Trust Agent.
This capability allows the 802.1x authentication or the Cisco, or Microsoft
posture profile to be stored in hardware (in protected, persistent memory),
and presented to the network even if the OS is absent. The network can
now authenticate a PC before the OS and applications load, and before
the PC is allowed to access the network. IT administrators can now use
out-of-band management for maintenance, security, management, or
PXE purposes, while still maintaining full network security, including
detailed, out-of-band compliance checks.
This capability also allows IT administrators to use their existing
PXE infrastructure within an 802.1x, Cisco SDN, or Microsoft NAP
network. The result is better security for PCs and a more reliable
network, regardless of the PC’s OS state, application state, or the
presence of management agents.
Intel® Trusted Execution Technology (Intel® TXT)
The new generation of laptop and desktop PCs with a new Intel Core
vPro processor include Intel Trusted Execution Technology (Intel TXT).
Intel TXT helps build and maintain a chain of trust from hardware to
a Virtual Machine Monitor (VMM). This helps to protect information in
virtualized environments from software-based attacks. For more infor-
mation about Intel TXT, visit www.intel.com/technology/security/.
Faster, easier remote manageability
helps reduce costs
PCs with a new Intel Core vPro processor make it even easier to reduce
maintenance costs. Built-in capabilities in these PCs include remote
configuration, diagnosis, isolation, and repair of PCs, even if systems
are unresponsive. Remote, automated manageability features – includ-
ing new, hardware-based KVM Remote Control
2
in PCs with a new Intel
Core i5 vPro processor (and select Intel Core i7 vPro processor-based
PCs) – make PC upkeep easier even for complex issues, and help keep
service costs low while improving user productivity. The all new 2010
Intel Core vPro processor family includes other new features, such as
PC Alarm Clock. IT managers can also quickly upgrade to Windows 7
remotely and overnight, minimizing disruptions to users and without
losing access to legacy applications. Once Intel vPro technology is
activated, IT administrators can take advantage of these built-in
remote manageability capabilities.
Remote upgrades save IT and user time
PCs with a new Intel Core vPro processor make it easier to upgrade
OSs and applications remotely and automatically. For example, IT
can remotely upgrade to Windows 7 at night, regardless of the initial
power state of the PC, and save users up to 40 minutes or more by
performing the process off-hours.
5
Resolve more problems remotely
One of the most critical IT needs is a greater ability to remotely resolve
PC problems, especially when a laptop or desktop PC’s OS is down
or hardware has failed. According to industry studies, deskside and
service-center calls make up only a small percent of PC problems
in a typical business, but they take up the majority of the budget. In
fact, the cost of a deskside visit is seven times the cost of a remote
problem resolution.
25