Intel’s vPro platform was a revolution in PC architecture when it arrived in 2006, but the technology underpinning it has a background dating back much further. Over its illustrious history, it has grown and developed into the world’s most comprehensive hardware-based security solution for business. Here we trace the origins of the platform and look to the future, showing how the technology has gone from strength to strength, with even greater features on the horizon.
Solid basis of virtualisation
“If you go right back, Intel vPro sits on the company’s long history of emphasis on desktop management, which started in 1992 with the formation of the Desktop Management Task Force,” says Michael Norquist, business client planning director at Intel. But the main technical underpinnings arrived in 2004 with Intel Virtualisation Technology (VT-x) for CPU and memory. This was then augmented by Intel Virtualisation Technology (VT-d), which handles directed I/O, in 2006, and marked the arrival of the Intel vPro platform.
In other words, virtualisation has been a fundamental part of the platform for its entire existence. “Virtualisation has allowed us to segregate and containerise,” explains Nordquist. “The workloads and secrets can be isolated, and the web browser can sit in its own isolated space.” Virtualisation is best known through its application in cloud computing, particularly Virtual Desktop Infrastructure. But its application in the Intel vPro platform is key to how the technology provides unparalleled control for remote management as well as preventing malicious code from using a weakness in one area to compromise another.
By keeping various layers of computing activity within separate virtualised spaces and controlling direct access the operating system and applications have to hardware, the Intel vPro platform provides two benefits. It can offer a secure network-accessible layer beneath the operating system and applications for remote management, and it also enables the separation of software from tampering with the UEFI BIOS, since this loads via secure boot below the level of the hypervisor managing the virtual machines for operating system and apps. Nordquist sees this core platform feature continuing to develop. “Virtualisation will include graphics acceleration, which is important now that remote workers are using videoconferencing software that can benefit greatly from GPU support.”
The management layer was the first killer feature of the Intel vPro platform, allowing remote system administration and fault fixing. Even if software or operating system problems were causing a system not to boot properly or become unstable, a remote engineer could access the system at a lower level to solve the problems over the network. This capability of the Intel vPro platform even has a potential future benefit for sustainability, according to Nordquist. “It provides a way to help wipe the system at end of life,” he says. “This makes it safe for dismantling into components or for re-use in another context. You can be absolutely sure all sensitive information has been removed before the system is passed on to the next phase of its lifecycle.” This is because the remote management capabilities make a secure-erase easy with no need for direct access to the system. Without this capability, the time it takes to erase a drive means that IT departments often just remove them and shred them, wasting perfectly usable hardware.
GPU-accelerated AI detecting hidden attacks
One of the fastest growing threats to the connected computing that now dominates every aspect of our lives is ransomware. Cyber criminals can infect your system with code that could remain dormant for months before activating, so it may even end up in your backups, making it hard to remove with a system restore. The typical method ransomware uses is to encrypt your data, then demand a fee (usually in cryptocurrency) for decryption.
The ransomware itself may be very cleverly hidden. But when it kicks into action to encrypt your data, this is where the AI-powered Intel® Threat Detection Technology (Intel® TDT) in the latest Intel vPro platform can prove invaluable. The AI technology harnesses the considerably increased performance of the Intel® Iris® Xe integrated graphics of the 11th Gen Intel vPro platform, using this to power its heuristic processes while maintaining a smooth experience for the system user. Both the CPU and integrated GPU have hardware enhancements for AI workloads, including Intel® Deep Learning Boost on the CPU, and Intel® Gaussian & Neural Accelerator (Intel® GNA) on the GPU.
“Having access to telemetry below the OS level lets you detect weird behaviour,” says Nordquist. “The system can read and combine with data pools, making more intelligent decisions.” This means the system can also heal itself, and Norquist sees this ability as a major part of how the Intel vPro platform will develop with future updates. “If people shut off my network stack, I’m blind.” In this scenario, it wouldn’t be possible for a system administrator to actively counteract a threat. But an AI-enhanced platform can protect itself and proactively spot unusual behaviour, restoring the system to full operation. It can also learn to detect new threats that haven’t specifically been discovered and mitigated for with software patches or firmware updates.
Security and manageability with performance overhead
These powerful features need to be available seamlessly, without affecting system performance. Microsoft Windows Defender can now leverage accelerated memory scanning on the GPU, which takes this workload away from the CPU, improving the user experience during everyday activities. “How we measure performance has changed,” says Nordquist. “Now we can turn on security without having a trade-off with performance.” Security that doesn’t affect user productivity is more robust, because the full range of features can be enabled all the time.
But it also needs to be available on every computing platform, including those requiring the highest level of power efficiency. The Intel® Evo™ vPro® Platform makes all these features available in even the most portable form factors. The powerful integrated GPUs in 11th Gen Intel® Core™ Processors mean thin and light notebooks can still offer AI-powered Intel TDT. Considering that these systems are most likely to be used on the move, having the full range of remote management and protection available is even more essential than an office-bound desktop computer.
For over 15 years, Intel’s vPro platform has delivered class-leading performance, manageability, security, and platform stability. The emphasis on remote working during the pandemic has put the spotlight on remote management. But AI-enabled predictive self-healing is the flipside of that coin, providing protection even when the system administrator can’t get network access from afar – protection that evolves and learns as new threats emerge. The Intel vPro platform will further enhance the power of its underlying virtualisation technology, provide greater AI-accelerated protection, and deliver these across a full range of form factors, including the most mobile. However the work environment and the threats against it develop over the coming years, the Intel vPro platform will be ready.
Learn more about the Intel vPro platform and what it can do for your business
