SOLUTION BRIEF
Intel® vPro™ Technology
McAfee* Endpoint Security Solutions
McAfee Embedded Security Solutions
Intelligent Systems

Specifying Endpoint Security Solutions for Intelligent Systems through the RFQ/RFP

Organizations should proactively stipulate hardware- and software-based security technologies for endpoint devices to best protect against future threats.

Stuxnet, a sophisticated cyber weapon that targeted industrial control systems, highlighted the security vulnerabilities of the many intelligent systems connected to networks. Whereas securing client computers is typically top of mind for most organizations, the endpoint security solution implemented on user-less devices, such as digital signage displays, printers, kiosks and vending machines, often goes unnoticed. Since many intelligent systems seem like black boxes, organizations purchasing them may be reluctant to specify a security solution. In such cases, device security strategy may be determined solely by the equipment manufacturer, who may or may not have expertise in this area.

Further complicating matters, there isn't a single security solution capable of addressing all future risks; instead, most would agree it's necessary to implement a series of different defenses across the system. This can be done using a layered security approach that enforces policy using both hardware- and software-based technologies, some of which are reviewed in this paper. IT organizations are very familiar with the software solutions, such as anti-virus (AV), but they are probably less familiar with hardware-based security technologies available today. For example, computing platforms based on Intel® Core™ vPro™ processors incorporate various technologies to increase threat protection, some of which also improve the effectiveness of software-based security solutions.

With dangerous cyber threats escalating, establishing a security strategy for intelligent systems should not be an afterthought. This is particularly true of hardware-based security solutions, which must be designed in upfront by the equipment manufacturers and cannot be added after the fact. This paper reviews some advanced security technologies that can be specified in a request for quote (RFQ) or a request for proposal (RFP) in order to stipulate leading-edge protection against cyber attacks and zero day threats, like Stuxnet.

A combination of hardware and software technologies can improve a device's security posture.



Figure 1. New Intel Instructions Dramatically Speed Up Encryption Rates [4]

Why Computing Hardware Matters for Security

Over many years, Intel has delivered ever-increasing processor performance per Moore's law. These enhancements are complemented by other computing platform improvements, some of which improve security. As a result, those buying the latest Intel® platforms with Intel® vPro™ technology usually benefit from some of the latest security advances. These features can be categorized by the amount of end-user effort required, as exemplified in the following:

No effort – feature works without end-user intervention.

Example: Intel® OS Guard [1] protects the operating system from escalation-of-privilege attacks by preventing malware from accessing critical operating system (OS) vectors or executing from application memory.

Minimal effort – feature must be employed by the application software.

Example: Encryption allows an organization to secure its confidential information, and application software employing Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) [2] can speed up data encryption by up to four times (serial mode) or ten times (parallel mode) without slowing down the system, as illustrated in Figure 1 [3].

Considerable effort – feature must be integrated into the IT support environment.

Example: Among many advanced remote management functions, Intel® Active Management Technology (Intel® AMT) [5] enables IT professionals to gain control of an infected system and restore its software image regardless of its software state. Intel AMT is a key ingredient in Intel vPro technology.

Hardware-based security features generally are built into the key platform components, such as the CPU, chipset, network interface cards (NICs) and trusted platform modules (TPMs). For that reason, they must be designed into the computer boards and cannot be added later, so it's necessary to specify these capabilities when systems are spec'd or purchased. This can be done simply for x86-based systems with a hardware request in the RFQ or RFP like item (a) of the "Security Solution RFQ/RFP" example in this brief.

The RFQ or RFP can also be used to request security software to be preloaded, as in item (b) of that example. This can be beneficial when there is limited technical support at deployment sites, like convenience stores, where it may be necessary to install point-of-sale (POS) terminals, kiosks or digital signage.

Endpoint Security Software

From an IT perspective, some intelligent systems, such as bedside terminals and physician tablets, are like typical employee computers running Microsoft Windows; therefore, it may be possible to secure and manage them with the same endpoint security software as other computer assets. In this case, the security solution will be defined by the organization's IT department and not the system manufacturer. The IT department can install their preferred security software when deploying intelligent systems or ask the manufacturer to preload the software.

Security support for other intelligent systems, like industrial controllers and network appliances, may require a different IT support model than standard PCs due to their dissimilarities, such as running Linux or a real-time operating system. One key difference may be the suitability of anti-virus software for these types of embedded devices: there could be difficulty keeping virus signatures up-to-date or detecting and remediating malware. Another issue is that anti-virus solutions sometimes consume considerable computing resources, which in the case of a safety-critical device could have an unacceptable impact on its performance.

An alternative security approach

An emerging software technology is called application whitelisting, which is particularly effective against zero-day attacks. Whitelisting is well-suited for fixed-function devices running only known, trusted software. Permitted code – registered on a carefully controlled list – is allowed to execute, while unknown software is prevented from running.

[Figure 1 chart: Encryption Rate. Serial mode: 4x increase with Intel® AES-NI versus previous-generation platform. Parallel mode: 10x increase with Intel® AES-NI versus previous-generation platform.]

Security Solution RFQ/RFP (example request)

a. Hardware
   i. Integrated computing systems should be based on Intel® vPro™ technology

b. Preload Security Software
   McAfee ePO Deep Command
   McAfee Embedded Control
   McAfee Application Whitelisting
   McAfee Deep Defender
   McAfee Total Protection for Enterprise
   McAfee Endpoint Encryption

Figure 2. McAfee Device Control Specifies Which Devices Can Be Used and What Data Can Be Copied

Figure 3. Difference between In-band and Out-of-band Remediation

When untrusted software attempts to run and gets blocked, the whitelisting application alerts the management console, prompting potential corrective action. Whitelisting is a light approach, using far less CPU and memory resources than anti-virus software.

For more information, read the "Choosing Between Whitelisting and Blacklisting – Endpoint Security Software for Fixed Function Devices" whitepaper at http://www.intel.com/content/www/us/en/enterprise-security/fixed-function-endpoint-security-software-brief.html. During the RFP and RFQ stage, it may be useful to have a discussion with the intelligent system manufacturer about the tradeoffs between anti-virus and application whitelisting solutions.
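The allowlisting behaviour described under "An alternative security approach" and in the paragraph above (permitted code on a controlled list runs, unknown code is blocked, each block alerts the management console) can be modelled in a few dozen lines. The following Python is an added example and is not code from the brief or from the McAfee product; it assumes SHA-256 of the whole file as the identity of a permitted image, an in-memory stand-in for the management console, and constructed file names. A production enforcement point intercepts program execution in the kernel; this example only shows the decision and alerting logic.

```python
"""Hash-based application allowlisting: constructed illustration of the
allow/block decision and the alert raised to a management console."""
import hashlib
import os
import tempfile
from dataclasses import dataclass, field
from typing import Dict, List


def sha256_file(path: str) -> str:
    """Stream the file in chunks so large binaries need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


@dataclass
class Allowlist:
    """Absolute path -> SHA-256 of the approved image.

    Only the enrolment step writes here; the list is the trust anchor and in a
    real deployment must itself be protected from modification on the device."""
    entries: Dict[str, str] = field(default_factory=dict)

    def enroll(self, path: str) -> str:
        key = os.path.abspath(path)
        self.entries[key] = sha256_file(path)
        return self.entries[key]


@dataclass
class ManagementConsole:
    """Stand-in (assumption) for the console that is alerted on every block."""
    alerts: List[dict] = field(default_factory=list)

    def notify(self, alert: dict) -> None:
        self.alerts.append(alert)


def decide(allowlist: Allowlist, path: str, console: ManagementConsole) -> str:
    """Return 'ALLOW' or 'BLOCK' for an execution request.

    Default is deny: anything not enrolled is blocked, and an enrolled path
    whose contents changed since enrolment is blocked too, because its digest
    no longer matches. Every block is reported to the console."""
    key = os.path.abspath(path)
    expected = allowlist.entries.get(key)
    if expected is None:
        reason = "not-on-allowlist"        # unknown software
    elif sha256_file(path) != expected:
        reason = "hash-mismatch"           # known path, modified image
    else:
        return "ALLOW"
    console.notify({"event": "execution_blocked", "path": key, "reason": reason})
    return "BLOCK"


def demo() -> dict:
    """Constructed scenario: one enrolled app, one unknown tool, then the
    enrolled app is modified on disk. Returns the decisions for inspection."""
    console = ManagementConsole()
    allowlist = Allowlist()
    with tempfile.TemporaryDirectory() as tmp:
        app = os.path.join(tmp, "kiosk_app.bin")          # constructed name
        tool = os.path.join(tmp, "unknown_tool.bin")      # constructed name
        with open(app, "wb") as fh:
            fh.write(b"\x7fELF constructed kiosk application image")
        with open(tool, "wb") as fh:
            fh.write(b"\x7fELF constructed tool that was never enrolled")
        allowlist.enroll(app)

        enrolled = decide(allowlist, app, console)        # ALLOW
        unknown = decide(allowlist, tool, console)        # BLOCK: not enrolled
        with open(app, "ab") as fh:                       # alter approved image
            fh.write(b"\x90\x90 appended bytes")
        tampered = decide(allowlist, app, console)        # BLOCK: digest changed
    return {
        "enrolled": enrolled,
        "unknown": unknown,
        "tampered": tampered,
        "alerts": len(console.alerts),
        "reasons": [a["reason"] for a in console.alerts],
    }


if __name__ == "__main__":
    print(demo())
```

The third decision is the one that matters for the zero-day argument in the text: no signature for the appended bytes exists, yet the modified image is blocked purely because it is no longer the enrolled code. The cost of that property is operational, not computational: every legitimate software update must go through the enrolment step, which is why the list has to be "carefully controlled" and why the approach fits fixed-function devices better than general-purpose PCs.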

Protect critical data from leaving your organization

For those concerned about malware on a USB drive infecting an energy asset, McAfee Device Control protects critical data and devices by controlling the use of removable media. It provides tools to monitor and control data transfers between energy assets and USB drives, CDs and DVDs, among others. Integration with McAfee ePolicy Orchestrator (McAfee ePO) facilitates the monitoring of critical usage data, such as device, time stamp and data evidence. IT organizations can specify in detail which devices can be connected and what content can and cannot be transferred with removable storage. McAfee Device Control, depicted in Figure 2, enables organizations to implement data security regulations without suppressing the flow of vital information.

The Power of Two Approaches

Intel and McAfee have developed solutions that combine hardware- and software-based security solutions, which results in a more robust solution than either individually. Two examples include:

McAfee ePO Deep Command with Intel AMT

McAfee ePO software, the foundation of the McAfee Security Management solution, unifies management of endpoints, networks, data and compliance solutions. The software enables IT organizations to centrally manage security and achieve dramatic efficiencies. Used to manage nearly 60 million nodes, the software increases overall visibility across security management activities, thereby improving protection.

In addition to being one of the most advanced security management software solutions available, McAfee ePO combined with Intel AMT lowers the cost to service endpoints by minimizing the number of expensive onsite visits needed to address security incidents or equipment failure. Security administrators can deploy, manage and update security and device software on disabled or powered-off endpoints. This is possible because Intel AMT establishes an out-of-band (OOB) connection to the endpoint that allows IT departments to take control of the device regardless of the hardware or software state – even a rogue device.

The advantage of out-of-band (OOB) remediation – compared to typical in-band implementations – is that it does not require a functioning operating system, recovery application, IP stack or network driver, any of which could be compromised by malware (Figure 3). Using Intel AMT, the device can be taken offline and replaced by a redundant failover device, thus minimizing downtime. Subsequently, the breached device is cleansed by reloading its software image and then brought back online, all remotely.

[Figure 3 diagram: what must be functioning on the intelligent system for remediation to succeed.
In-band remediation: Operating System, Recovery Application, IP Stack, Network Driver.
Out-of-band remediation: Intel® Management Engine.]

For more information about Intel vPro technology and intelligent systems, visit www.intel.com/vpro and www.intel.com/intelligentsystems.

1. No system can provide absolute security. Requires an Intel® OS Guard–enabled system with a 3rd Generation Intel® Core™ vPro™ processor and an enabled operating system. Consult your system manufacturer for more information.

2. Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) requires a computer system with an Intel AES-NI-enabled processor, as well as non-Intel® software to execute the instructions in the correct sequence. Intel AES-NI is available on select Intel® Core™ processors. For availability, consult your system manufacturer. For more information, visit http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni

3. Performance results have been estimated based on internal Intel analysis and are provided for informational purposes only. Any difference in system hardware or software design or configuration may affect actual performance.

4. Source: http://www.intel.com/content/www/us/en/cloud-computing/cloud-computing-intel-aes-instructions-demo-brief.html

5. Intel® Active Management Technology (Intel® AMT) requires the platform to have an Intel AMT-enabled chipset, network hardware and software, as well as connection with a power source and a corporate network connection. With regards to notebooks, Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. For more information, see http://www.intel.com/technology/manage/iamt

6. Intel® Virtualization Technology (Intel® VT) requires a computer system with an enabled Intel® processor, BIOS, virtual machine monitor (VMM) and, for some uses, certain platform software enabled for it. Functionality, performance or other benefits will vary depending on hardware and software configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your application vendor.

Copyright © 2012 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel vPro and Intel Core are trademarks of Intel Corporation in the United States and other countries. Other names and brands may be claimed as the property of others. Printed in USA. 0712LSTMPDF. Please Recycle. 327679-001US

McAfee Deep Defender with Intel® Virtualization Technology (Intel® VT) [6]

Stealthy malware can attack intelligent systems by maneuvering around antivirus and other operating system-based defenses. This can occur when low-level malware exploits the inherent security weaknesses of the OS, hiding its presence so that the system appears normal as it boots up. The invisible malware is free to spread infection, deactivate countermeasures and steal network credentials or confidential information. Restoration for compromised endpoints requires full re-imaging, which consumes valuable IT resources.

McAfee and Intel have teamed up to defeat these attacks with hardware-enabled protection that operates between the CPU and the OS, protecting components that reside in physical memory.

McAfee Deep Defender gains a trusted view of the drivers and other software as they operate and can detect and clean threats that load before, during and after the OS. McAfee Deep Defender creates a memory software layer using Intel VT that allows it to provide highly robust memory and CPU event protection with minimal performance impact.

Insist on Better Endpoint Security Solutions

Although not typically the target of cyber attacks, intelligent systems can become "collateral damage" in a malware outbreak or even be the weak link that opens the door to a cyber attack. However, the endpoint security solutions implemented on these embedded devices may be subpar compared to other devices on the network, lacking the security capabilities needed to fight more aggressive threats on the horizon. Computer manufacturers are raising the bar by offering security protection in devices based on Intel vPro technology. It's critical to ensure all intelligent systems connected to the network benefit from the latest technology as well.

When an intelligent system is based on an Intel® processor, stipulate a robust endpoint security solution, including:

• A computing system based on an Intel Core vPro processor
• McAfee ePO Deep Command
• McAfee Embedded Control
• McAfee Application Whitelisting to protect fixed-function devices
• McAfee Deep Defender
• McAfee Total Protection for Enterprise
• McAfee Endpoint Encryption

Page 2: Specifying Endpoint Security Solutions for Intelligent ... · Why Computing Hardware Matters for Security Over many years, Intel has delivered ever-increasing processor performance

2

Figure 1 New Intel Instructions Dramatically Speed Up Encryption Rates4

Why Computing Hardware Matters for SecurityOver many years Intel has delivered ever-increasing processor performance per Moores law These enhancements are complemented by other computing platform improvements some of which improve security As a result those buying the latest Intelreg platforms with Intelreg vProtrade technology usually benefit from some of the latest security advances These features can be categorized by the amount of end-user effort required exemplified in the following

No effort ndash feature works without end user intervention

Example Intelreg OS Guard1 protects the operating system from escalation-of-privilege attacks by preventing malware from accessing critical operating system (OS) vectors or executing from application memory

Minimal effort ndash feature must be employed by the application software

Example Encryption allows an organization to secure its confidential information and application software employing Intelreg Advanced Encryption Standard New Instructions (Intelreg AES-NI)2 can speed up data encryption by up to four times (serial mode) or ten times (parallel mode) without slowing down the system as illustrated in Figure 13

Considerable effort ndash feature must be integrated into the IT support environment

Example Among many advanced remote management functions Intelreg Active Management Technology (Intelreg AMT)5 enables IT professionals to gain control of an infected system and restore its software image regardless of its software state Intel AMT is a key ingredient in Intel vPro technology

Hardware-based security features generally are built into the key platform components such as the CPU chipset network interface cards (NICs) and trusted platform modules (TPMs) For that reason they must be designed into the computer boards and cannot be added later so its necessary to specify these capabilities when systems are specd or purchased This can be done simply for x86-based systems with the following hardware request in the RFQ or RFP

The RFQ or RFP can also be used to request security software to be preloaded as in the example This can be beneficial when there is limited technical support at deployment sites like convenience stores where it may be necessary to install point-of-sale (POS) terminals kiosks or digital signage

Endpoint Security SoftwareFrom an IT perspective some intelligent systems such as bedside terminals and physician tablets are like typical employee computers running Microsoft Windows therefore it may be possible to secure and manage them with the same endpoint security software as other computer assets In this case the security solution will be defined by the organizations IT department and not the system manufacturer The IT department can install their preferred security software when deploying intelligent systems or ask the manufacturer to preload the software

Security support for other intelligent systems like industrial controllers and network appliances may require a different IT support model than standard PCs due to their dissimilarities such as running Linux or a real-time operating system One key difference may be the suitability of anti-virus software for these types of embedded devices there could be difficulty keeping virus signatures up-to-date or detecting and remediating malware Another issue is anti-virus solutions sometimes consume considerable computing resources which in the case of a safety-critical device could have an unacceptable impact on its performance

An alternative security approach

An emerging software technology is called application whitelisting which is particularly effective against zero-day attacks Whitelisting is well-suited for fixed-function devices running only known trusted software Permitted code ndash registered on a carefully controlled list ndash is allowed to execute while unknown software is prevented from running

Encryption Rate

4x

Increase

With Intelreg AES-NIPrevious Generation

Platform

Serial Mode

10x

Increase

With Intelreg AES-NIPrevious Generation

Platform

Parallel Mode

a Hardware

i Integrated computing systems should be based on

Intelreg vProtrade technology

b Preload Security Software

McAfee ePO Deep Command

McAfee Embedded Control

McAfee Application Whitelisting

McAfee Deep Defender

McAfee Total Protection for Enterprise

McAfee Endpoint Encryption

Security Solution

RFQRFP

Figure 2 McAfee Device Control Specifies Which Devices Can Be Used and What Data Can Be Copied

3

Figure 3 Difference between In-band and Out-of-band Remediation

When untrusted software attempts to run and gets blocked the whitelisting application alerts the management console prompting potential corrective action Whitelisting is a light approach using far less CPU and memory resources than anti-virus software

For more information read the Choosing Between Whitelisting and Blacklisting ndash Endpoint Security Software for Fixed Function Devices whitepaper at httpwwwintelcomcontentwwwusenenterprise-securityfixed-function-endpoint-security-software-briefhtml During the RFP and RFQ stage it may be useful to have a discussion with the intelligent system manufacturer about the tradeoffs between anti-virus and application whitelisting solutions

Protect critical data from leaving your organization

For those concerned about malware on a USB drive infecting an energy asset McAfee Device Control protects critical data and devices by controlling the use of removable media It provides tools to monitor and control data transfers between energy assets and USB drives CDs and DVDs among others Integration with McAfee ePolicy Orchestrator (McAfee ePO) facilitates the monitoring of critical usage data such as device time stamp and data evidence IT organizations can specify in detail which devices can be connected and what content can and cannot be transferred with removable storage McAfee Device Control depicted in Figure 2 enables organizations to implement data security regulations without suppressing the flow of vital information

The Power of Two ApproachesIntel and McAfee have developed solutions that combine hardware- and software-based security solutions which results in a more robust solution than either individually Two examples include

McAfee ePO Deep Command with Intel AMT

McAfee ePO software the foundation of the McAfee Security Management solution unifies management of endpoints networks data and compliance solutions The software enables IT organizations to centrally manage security and achieve dramatic efficiencies Used to manage nearly 60 million nodes the software increases overall visibility across security management activities thereby improving protection

In addition to being one of the most advanced security management software solutions available McAfee ePO combined with Intel AMT lowers the cost to service endpoints by minimizing the number of expensive onsite visits needed to address security incidents or equipment failure Security administrators can deploy manage and update security and device software on disabled or powered-off endpoints This is possible because Intel AMT establishes an out-of-band (OOB) connection to the endpoint that allows IT departments to take control of the device regardless of the hardware or software state ndash even a rogue device

The advantage of out-of-band (OOB) remediation ndash compared to typical in-band implementations ndash is it does not require a functioning operating system recovery application IP stack or network driver any of which could be compromised by malware (Figure 3) Using Intel AMT the device can be taken offline and replaced by a redundant failover device thus minimizing downtime Subsequently the breached device is cleansed by reloading its software image and then brought back online all remotely

In-band

Out-of-band

Operating System

Recovery Application

IP Stack

Network Driver

Intelreg Management Engine

Remediation

What must be functioning

Intelligent System

For more information about Intel vPro technology and intelligent systems visit wwwintelcomvpro and wwwintelcomintelligentsystems

1 No system can provide absolute security Requires an Intelreg OS Guardndashenabled system with a 3rd Generation Intelreg Coretrade vProtrade processor and an enabled operating system Consult your system manufacturer for more information

2 Intelreg Advanced Encryption Standard New Instructions (Intelreg AES-NI) requires a computer system with an Intel AES-NI-enabled processors as well as non-Intelreg software to execute the instruc-tions in the correct sequence Intel AES-NI is available on select Intelreg Coretrade processors For availability consult your system manufacturer For more information visit httpsoftwareintelcomen-usarticlesintel-advanced-encryption-standard-instructions-aes-ni

3 Performance results have been estimated based on internal Intel analysis and are provided for informational purposes only Any difference in system hardware or software design or configuration may affect actual performance

4 Source httpwwwintelcomcontentwwwusencloud-computingcloud-computing-intel-aes-instructions-demo-briefhtml5 Intelreg Active Management Technology (Intelreg AMT) requires the platform to have an Intel AMT-enabled chipset network hardware and software as well as connection with a power source and a

corporate network connection With regards to notebooks Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly on battery power sleeping hibernating or powered off For more information see httpwwwintelcomtechnologymanageiamt

6 Intelreg Virtualization Technology (Intelreg VT) requires a computer system with an enabled Intelreg processor BIOS virtual machine monitor (VMM) and for some uses certain platform software en-abled for it Functionality performance or other benefits will vary depending on hardware and software configurations and may require a BIOS update Software applications may not be compatible with all operating systems Please check with your application vendor

Copyright copy 2012 Intel Corporation All rights reserved Intel the Intel logo Intel vPro and Intel Core are trademarks of Intel Corporation in the United States and other countries Other names and brands may be claimed as the property of others Printed in USA 0712LSTMPDF Please Recycle 327679-001US

McAfee Deep Defender with Intelreg Virtualization Technology (Intelreg VT)6

Stealthy malware can attack intelligent systems by maneuvering around antivirus and other operating system-based defenses This can occur when low-level malware exploits the inherent security weaknesses of the OS hiding its presence so that the system appears normal as it boots up The invisible malware is free to spread infection deactivate countermeasures and steal network credentials or confidential information Restoration for compromised endpoints requires full re-imaging which consumes valuable IT resources

McAfee and Intel have teamed up to defeat these attacks with hardware-enabled protection that operates between the CPU and the OS protecting components that reside in physical memory

McAfee Deep Defender gains a trusted view of the drivers and other software as they operate and can detect and clean threats that load before during and after the OS McAfee Deep Defender creates a memory software layer using Intel VT that allows it to provide highly robust memory and CPU event protection with minimal performance impact

Insist on Better Endpoint Security SolutionsAlthough not typically the target of cyber attacks intelligent systems can become ldquocollateral damagerdquo in a malware outbreak or even be the weak link that opens the door to a cyber attack However the endpoint security solutions implemented on these embedded devices may be subpar compared to other devices on the network lacking the security capabilities needed to fight more aggressive threats on the horizon Computer manufacturers are raising the bar by offering security protection in devices based on Intel vPro technology Its critical to ensure all intelligent systems connected to the network benefit from the latest technology as well

When an intelligent system is based on an Intelreg processor stipulate a robust endpoint security solution including

bull A computing system based on Intel Core vPro processor

bull McAfee ePO Deep Command

bull McAfee Embedded Control

bull McAfee Application Whitelisting to protect fixed function devices

bull McAfee Deep Defender

bull McAfee Total Protection for Enterprise

bull McAfee Endpoint Encryption

Page 3: Specifying Endpoint Security Solutions for Intelligent ... · Why Computing Hardware Matters for Security Over many years, Intel has delivered ever-increasing processor performance

Figure 2 McAfee Device Control Specifies Which Devices Can Be Used and What Data Can Be Copied

3

Figure 3 Difference between In-band and Out-of-band Remediation

When untrusted software attempts to run and gets blocked the whitelisting application alerts the management console prompting potential corrective action Whitelisting is a light approach using far less CPU and memory resources than anti-virus software

For more information read the Choosing Between Whitelisting and Blacklisting ndash Endpoint Security Software for Fixed Function Devices whitepaper at httpwwwintelcomcontentwwwusenenterprise-securityfixed-function-endpoint-security-software-briefhtml During the RFP and RFQ stage it may be useful to have a discussion with the intelligent system manufacturer about the tradeoffs between anti-virus and application whitelisting solutions

Protect critical data from leaving your organization

For those concerned about malware on a USB drive infecting an energy asset, McAfee Device Control protects critical data and devices by controlling the use of removable media. It provides tools to monitor and control data transfers between energy assets and USB drives, CDs and DVDs, among others. Integration with McAfee ePolicy Orchestrator (McAfee ePO) facilitates the monitoring of critical usage data, such as device, time stamp and data evidence. IT organizations can specify in detail which devices can be connected and what content can and cannot be transferred with removable storage. McAfee Device Control, depicted in Figure 2, enables organizations to implement data security regulations without suppressing the flow of vital information.

The Power of Two Approaches

Intel and McAfee have developed solutions that combine hardware- and software-based security technologies, which results in a more robust solution than either individually. Two examples include:

McAfee ePO Deep Command with Intel AMT

McAfee ePO software, the foundation of the McAfee Security Management solution, unifies management of endpoints, networks, data and compliance solutions. The software enables IT organizations to centrally manage security and achieve dramatic efficiencies. Used to manage nearly 60 million nodes, the software increases overall visibility across security management activities, thereby improving protection.

In addition to being one of the most advanced security management software solutions available, McAfee ePO combined with Intel AMT lowers the cost to service endpoints by minimizing the number of expensive onsite visits needed to address security incidents or equipment failure. Security administrators can deploy, manage and update security and device software on disabled or powered-off endpoints. This is possible because Intel AMT establishes an out-of-band (OOB) connection to the endpoint that allows IT departments to take control of the device regardless of its hardware or software state, even a rogue device.

The advantage of out-of-band (OOB) remediation, compared to typical in-band implementations, is that it does not require a functioning operating system, recovery application, IP stack or network driver, any of which could be compromised by malware (Figure 3). Using Intel AMT, the device can be taken offline and replaced by a redundant failover device, thus minimizing downtime. Subsequently, the breached device is cleansed by reloading its software image and then brought back online, all remotely.

Figure 3 content: what must be functioning on the intelligent system for remediation to succeed.

    In-band remediation:       Operating System, Recovery Application, IP Stack, Network Driver
    Out-of-band remediation:   Intel® Management Engine

For more information about Intel vPro technology and intelligent systems, visit www.intel.com/vpro and www.intel.com/intelligentsystems.

1. No system can provide absolute security. Requires an Intel® OS Guard-enabled system with a 3rd Generation Intel® Core™ vPro™ processor and an enabled operating system. Consult your system manufacturer for more information.

2. Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) requires a computer system with an Intel AES-NI-enabled processor, as well as non-Intel® software to execute the instructions in the correct sequence. Intel AES-NI is available on select Intel® Core™ processors. For availability, consult your system manufacturer. For more information, visit http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni

3. Performance results have been estimated based on internal Intel analysis and are provided for informational purposes only. Any difference in system hardware or software design or configuration may affect actual performance.

4. Source: http://www.intel.com/content/www/us/en/cloud-computing/cloud-computing-intel-aes-instructions-demo-brief.html

5. Intel® Active Management Technology (Intel® AMT) requires the platform to have an Intel AMT-enabled chipset, network hardware and software, as well as connection with a power source and a corporate network connection. With regard to notebooks, Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN, or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. For more information, see http://www.intel.com/technology/manage/iamt

6. Intel® Virtualization Technology (Intel® VT) requires a computer system with an enabled Intel® processor, BIOS, virtual machine monitor (VMM) and, for some uses, certain platform software enabled for it. Functionality, performance or other benefits will vary depending on hardware and software configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your application vendor.

Copyright © 2012 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel vPro and Intel Core are trademarks of Intel Corporation in the United States and other countries. Other names and brands may be claimed as the property of others. Printed in USA 0712LSTMPDF Please Recycle 327679-001US

McAfee Deep Defender with Intel® Virtualization Technology (Intel® VT)⁶

Stealthy malware can attack intelligent systems by maneuvering around anti-virus and other operating-system-based defenses. This can occur when low-level malware exploits the inherent security weaknesses of the OS, hiding its presence so that the system appears normal as it boots up. The invisible malware is free to spread infection, deactivate countermeasures and steal network credentials or confidential information. Restoring compromised endpoints requires full re-imaging, which consumes valuable IT resources.

McAfee and Intel have teamed up to defeat these attacks with hardware-enabled protection that operates between the CPU and the OS, protecting components that reside in physical memory.

McAfee Deep Defender gains a trusted view of drivers and other software as they operate and can detect and clean threats that load before, during and after the OS. McAfee Deep Defender creates a memory software layer using Intel VT that allows it to provide highly robust memory and CPU event protection with minimal performance impact.

Insist on Better Endpoint Security Solutions

Although not typically the target of cyber attacks, intelligent systems can become "collateral damage" in a malware outbreak, or even be the weak link that opens the door to a cyber attack. However, the endpoint security solutions implemented on these embedded devices may be subpar compared to other devices on the network, lacking the security capabilities needed to fight more aggressive threats on the horizon. Computer manufacturers are raising the bar by offering security protection in devices based on Intel vPro technology. It's critical to ensure all intelligent systems connected to the network benefit from the latest technology as well.

When an intelligent system is based on an Intel® processor, stipulate a robust endpoint security solution, including:

• A computing system based on an Intel Core vPro processor

• McAfee ePO Deep Command

• McAfee Embedded Control

• McAfee Application Whitelisting to protect fixed-function devices

• McAfee Deep Defender

• McAfee Total Protection for Enterprise

• McAfee Endpoint Encryption


