Saturday, January 31, 2009

Intel vPro, Intel Trusted Execution Technology (Intel TXT), Industry-standard Trusted Platform Module version 1.2 (TPM)

by Your Name

Intel vPro technology is a set of features built into a PC’s motherboard and other hardware. Intel vPro is not the PC itself, nor is it a single set of management features (such as Intel Active Management Technology (Intel AMT)) for sys-admins. Intel vPro is a combination of processor technologies, hardware enhancements, management features, and security technologies that allow remote access to the PC -- including monitoring, maintenance, and management -- independently of the state of the operating system (OS) or power state of the PC. Intel vPro is intended to help businesses gain certain maintenance and servicing advantages, security improvements, and cost benefits in information technology (IT) areas.

Relationships between Intel vPro, Intel AMT, Intel Centrino 2, and Intel Core 2

The numerous Intel brands can be confusing. The key differences between vPro (a platform), AMT (a technology), Centrino 2 (a package of technologies), and Core 2 (a processor) are as follows:

Intel Core 2 Duo or Quad processors are central processing units (CPUs), the brains of the PC. Intel Centrino 2 processor technology is a package of technologies that includes the Intel Core 2 Duo. Intel Centrino 2 is designed for mobile PCs, such as laptops and other small devices. Core 2 and Centrino 2 have evolved to use Intel's latest 45-nm manufacturing processes, have multi-core processing, and are designed for multithreading.

Intel vPro technology is a set of technologies built into the hardware of the laptop or desktop PC. The technology is targeted at businesses, not consumers. A PC with vPro includes Intel AMT, Intel Virtualization Technology (Intel VT), Intel Trusted Execution Technology (Intel TXT), a gigabit network connection, and so on. You can have a PC with a Core 2 processor, without vPro built in. However, vPro features require a PC with at least a Core 2 or Centrino processor. Current versions of vPro are built into PCs with Core 2 Duo or Quad processors or Centrino 2 processors.

Intel AMT is part of the Intel Management Engine, which is built into PCs with Intel vPro technology. Intel AMT is a set of remote management and security features designed into the PC’s hardware that allow a sys-admin with AMT security privileges to access system information and perform specific remote operations on the PC. These operations include remote power up/down (via wake on LAN), remote/redirected boot (via integrated device electronics redirect, or IDE-R), console redirection (via serial over LAN), and other remote management and security features.

Intel vPro Technology Features

Intel vPro is a “platform” or set of PC hardware features. PCs with vPro have three main elements: 1) Core 2 Duo/Quad or Centrino 2 processor for business applications; 2) integrated components (such as 64-bit graphics) to reduce the number of discrete components in the system; and 3) hardware-based management and security technology (such as Intel AMT).
A vPro PC includes:

* Multi-core, multi-threaded Intel Core 2 Duo or Quad processors.
* Intel Active Management Technology (Intel AMT), a set of hardware-based features targeted at businesses that allow remote access to the PC for management and security tasks when an OS is down or PC power is off. Note that AMT is not the same as Intel vPro; AMT is only one element of a vPro PC.
* Remote configuration technology for AMT, with certificate-based security. Remote configuration can be performed on “bare-bones” systems, before the OS and/or software management agents are installed.
* Wired and wireless (laptop) network connection.
* Intel Trusted Execution Technology (Intel TXT), which is used to verify a launch environment and establish the root of trust, which in turn allows software to build a chain of trust for virtualized environments. Intel TXT also protects secrets during power transitions for both orderly and disorderly shutdowns (a traditionally vulnerable period for security credentials).
* Support for IEEE 802.1x, Cisco Self Defending Network (SDN), and Microsoft Network Access Protection (NAP) in laptops, and support for 802.1x and Cisco SDN in desktop PCs. Support for these security technologies allows Intel vPro to store the security posture of a PC so that the network can authenticate the system before the OS and applications load, and before the PC is allowed access to the network.
* Intel Virtualization Technology, including Intel VT for memory, CPU, and Directed I/O, to support virtualized environments. Intel VT is hardware-based technology, not software-based virtualization. Intel VT lets you run multiple OSs (traditional virtualization) on the same PC or run a specialized or critical application in a separate space -- a virtual PC on the physical system -- in order to help protect the application or privacy of sensitive information.
* Execute Disable Bit which, when supported by the OS, can help prevent some types of buffer overflow attacks.
* Support for Microsoft Windows Vista, including Microsoft Windows Vista BitLocker with an industry-standard Trusted Platform Module version 1.2 and Intel graphics support for Windows Vista AERO graphical user interface.

Remote-Management Features

Intel AMT is the set of management and security features built into vPro PCs that are intended to make it easier for a sys-admin to monitor, maintain, secure, and service PCs. Intel AMT (the management technology) is sometimes mistaken for Intel vPro (the PC "platform"), because AMT is one of the most visible technologies of an Intel vPro-based PC.

Intel AMT includes:

* Encrypted remote power up/down/reset (via wake on LAN, or WOL)
* Remote/redirected boot (via integrated device electronics redirect, or IDE-R)
* Console redirection (via serial over LAN, or SOL)
* Preboot access to BIOS settings
* Programmable filtering for inbound and outbound network traffic
* Agent presence checking
* Out-of-band policy-based alerting
* Access to system information, such as the PC’s universal unique ID (UUID), hardware asset information, persistent event logs, and other information that is stored in dedicated memory (not on the hard drive) where it is accessible even if the OS is down or the PC is powered off.

Hardware-based management has been available in the past, but it has been limited to auto-configuration using DHCP or BOOTP for dynamic IP allocation and diskless workstations, as well as Wake On LAN for remotely powering on systems.

Wireless Communication

Intel vPro supports encrypted wired and wireless LAN communication for all remote management features for PCs inside the corporate firewall. Intel vPro supports encrypted communication for some remote management features for wired and wireless LAN PCs outside the corporate firewall.

Wireless Communication for Laptops

Laptops with vPro include a gigabit network connection and support IEEE 802.11 a/g/n wireless protocols.

Wireless Communication for Intel AMT

Intel vPro PCs support wireless communication to the AMT features.

For wireless laptops on battery power, communication with AMT features can occur when the system is awake and connected to the corporate network. This communication is available if the OS is down or management agents are missing.

AMT out-of-band communication and some AMT features are available for wireless or wired laptops connected to the corporate network over a host OS-based virtual private network (VPN) when laptops are awake and working properly.

Encrypted Communication while Roaming

Intel vPro PCs support encrypted communication while roaming.

vPro PCs version 4.0 or higher support security for mobile communications by establishing a secure tunnel for encrypted AMT communication with the managed service provider when roaming (operating on an open, wired LAN outside the corporate firewall). Secure communication with AMT can be established if the laptop is powered down or the OS is disabled. The AMT encrypted communication tunnel is designed to allow sys-admins to access a laptop or desktop PC at satellite offices where there is no on-site proxy server or management server appliance.

Secure communication outside the corporate firewall depends on adding a new element -- a management presence server (Intel calls this a “vPro-enabled gateway”) -- to the network infrastructure. This will require integration with network switch manufacturers, firewall vendors, and vendors who design management consoles in order to create an infrastructure that supports encrypted roaming communication. So although encrypted roaming communication is enabled as a feature in vPro PCs version 4.0 and higher, the feature may not be fully useful (except in having a "ready" PC) until the infrastructure is functional.

Security and Intel vPro PCs

vPro security technologies and methodologies are designed into the PC’s chipset and other system hardware. Because the vPro security technologies are designed into system hardware instead of software, they are less vulnerable to hackers, computer viruses, computer worms, and other threats that typically affect an OS or software applications installed at the OS level (such as virus scan, antispyware, inventory, and other security or management applications).

For example, during deployment of vPro PCs, security credentials, keys, and other critical information are stored in protected memory (not on the hard disk drive), and erased when no longer needed.

Intel vPro Security Features

Intel vPro supports industry-standard methodologies and protocols, as well as other vendors’ security features:

* Intel Trusted Execution Technology (Intel TXT).
* Industry-standard Trusted Platform Module version 1.2 (TPM).
* Support for IEEE 802.1x, Preboot Execution Environment (PXE), Cisco Self Defending Network (SDN), and Microsoft Network Access Protection (NAP) in laptops, and support for IEEE 802.1x, Preboot Execution Environment (PXE), and Cisco Self Defending Network (SDN) in desktop PCs.
* Execute Disable Bit.
* Intel Virtualization Technology (Intel VT).

Intel vPro Security Technologies and Methodologies

Intel vPro uses several industry-standard security technologies and methodologies to secure the remote vPro communication channel. These technologies and methodologies also improve security for accessing the PC’s critical system data, BIOS settings, Intel AMT management features, and other sensitive features or data; and protect security credentials and other critical information during deployment (setup and configuration of Intel AMT) and vPro use.

* Transport layer security protocol, including pre-shared key TLS (TLS-PSK) to secure communications over the out-of-band network interface. The TLS implementation uses AES 128-bit encryption and RSA keys with modulus lengths of 2048 bits.
* HTTP digest authentication protocol as defined in RFC 2617. The management console authenticates IT administrators who manage PCs with Intel AMT.
* Single sign-on to Intel AMT with Microsoft Windows domain authentication, based on the Microsoft Active Directory and Kerberos protocols.
* A pseudorandom number generator (PRNG) in the firmware of the AMT PC, which generates high-quality session keys for secure communication.
* Only digitally signed firmware images (signed by Intel) are permitted to load and execute.
* Tamper-resistant and access-controlled storage of critical management data, via a protected, persistent (nonvolatile) data store (a memory area not on the hard drive) in the Intel AMT hardware.
* Access control lists for Intel AMT realms and other management functions.
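
How the RFC 2617 digest exchange named in the list above is computed and checked, as an added example (not Intel AMT code and not code from the original post). The `DigestVerifier` class, its password store and its nonce-count replay guard are hypothetical; the sample header fields are the published example from RFC 2617 section 3.5, and nonce issuance and expiry are assumed to be handled elsewhere.

```python
import hashlib
import hmac

def _md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def digest_response(user, realm, password, method, uri, nonce, nc, cnonce):
    """RFC 2617 request-digest for qop=auth with the default MD5 algorithm."""
    ha1 = _md5_hex(f"{user}:{realm}:{password}")   # A1: identity and secret
    ha2 = _md5_hex(f"{method}:{uri}")              # A2: what is being requested
    return _md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

class DigestVerifier:
    """Hypothetical server-side check (an assumption, not AMT firmware logic)."""

    def __init__(self, realm, passwords):
        self.realm = realm
        self.passwords = passwords   # username -> password (sample store)
        self.highest_nc = {}         # (user, nonce) -> last accepted nonce count

    def verify(self, method, f):
        password = self.passwords.get(f.get("username"))
        if password is None or f.get("realm") != self.realm or f.get("qop") != "auth":
            return False
        try:
            nc = int(f.get("nc", ""), 16)
        except ValueError:
            return False
        expected = digest_response(f["username"], self.realm, password, method,
                                   f.get("uri", ""), f.get("nonce", ""),
                                   f["nc"], f.get("cnonce", ""))
        supplied = f.get("response", "")
        # Compare the whole digest in constant time; an empty or truncated
        # response must never match a prefix of the expected value.
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            return False
        key = (f["username"], f.get("nonce", ""))
        if nc <= self.highest_nc.get(key, 0):
            return False             # replayed or stale nonce count
        self.highest_nc[key] = nc
        return True

# Sample Authorization header fields from RFC 2617 section 3.5 (password "Circle Of Life").
RFC_SAMPLE = {
    "username": "Mufasa", "realm": "testrealm@host.com", "qop": "auth",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093", "uri": "/dir/index.html",
    "nc": "00000001", "cnonce": "0a4f113b",
    "response": "6629fae49393a05397450978507c4ef1",
}
```

The password never crosses the wire; only the digest does, which is why the verifier must hold the secret (or HA1) and why the comparison has to cover the full response value.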
