A.P. Lawrence

Information and Resources for Unix and Linux Systems
Bloggers and the self-employed

Home
Kerio
Sections
- MacOSX
- Linux
- Blogging
- Self-Employment
- Support
Contents
- Most Popular
- Browse All Topics
- Newest Articles
- Random Page
- Surveys
Tests
- Linux
- Mac OS X
- SCO Unix
- Perl
Resources
- Site Forum
- Write for this site
- Find a Consultant
- Contact Info
- RSS Feeds
- Store
- Advertise Here
- Disclaimer
Help
- About
- Rates
- Copyrights
- Contact
- Support

(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Kerio Reseller
Printer Friendly Version

Intel's vPro

Intel introduced vPro yesterday: http://www.intel.com/vpro/index.htm

There are two parts to Intel's vision for business desktops: management and security. Intel says there are three parts, counting energy management as the third. Oh, OK. Three parts.

Hate these ads?

All of this comes from virtualization software. Your vPro desktop will be running a virtual machine, and therefore can be protected and managed as such. Somewhere a controlling server tracks the desktop PC's and gives this remote capabilities. All very interesting, Go watch the videos to get the details.

However, the first question in my mind was "What about VMware, Xen, etc.?".

It's not clear to me what's really being done here. Is the user's OS installed under the vPro VM? If I'm reading this right, that's exactly what's being done. If so, that would seem to prevent running another VM inside that OS.

In other words, if Intel is running a hypervisor in hardware, could these machines also run VMware Player, Xen or whatever in the user's OS? I'd think not. True, in a corporate environment that may not be as important for invidual pc's, but it still could be desirable for things like secure browsers and other VMware Player apps. Developers also want VM's for testing on different OSEs or different OS versions, so the usage of machines like this might be limited.

Or perhaps I misunderstood?

Comments /Security/vpro.html

Thu Apr 27 11:56:40 2006: Subject: drag
Na, I don't think it includes a hypervisor per say. In their 'white paper' they mentioned "third party software" several times.

I think they lumped the Vanderpool stuff as part of the 'vPro' solution, but that's only a small part. That 'vPro' is a few different things intel has done that they thought sounded cool if they tried to make it look like some huge new concept.

I beleive a major part of what they are talking about is a on-board management console built into the hardware. Like a more advanced BIOS or whatnot that can be accessed over the network. That way you have some sort of management console that you can do things like find out what 'Vpro'-enabled PCs are attatched to the network and their configuration. Maybe also provide a boot menu or have the ability to restart the computer or some other stuff like that.

Keep in mind that I've haven't looked to far into it, but I've seen little things here and there about network management features when looking up information on Intel's motherboard chipsets.

For example here is a little 2 page PDF advertising Novell Zenwork's ability to do (what it sounds like at least) things like reload a system image over a network automaticly.
http://www.intel.com/technology/manage/downloads/306433.pdf

So say your a unfortunate person in charge of managing dozens of Windows XP machines. You have a system image that you use to install on all the machines. Now those XP machines get rooted by some IE virus or worm. It looks like you can then use Zenworks to pretty much automaticly have those machines wipe the harddrive and load the system image over it remotely over a network.

It'll be interesting to see what sort of security features Intel has to prevent some kid from walking into a building with a notebook and wiping out half the network as a practical joke.

Thu Apr 27 12:22:33 2006: Subject: TonyLawrence
No, they definitely said that the security and managent software is running in a VM. They touted that as keeping the A/V software more secure, etc.

Sat Apr 29 11:14:10 2006: Subject: TonyLawrence
Here's a link to an article that discusses the problem of vPro doing its own thing with virtualization: http://blogs.zdnet.com/BTL/?p=2934 (see the last few paragraphs particularly). It confirms what I thought: the user's OS is running in a VM:.

The same goes for the security solutions that Bryant says should be revolutionized by the virtualization technologies found in vPro. As if lack of any hypervisor standards isn't bad enough (Xen, Microsoft, and VMWare all use different hypervisor techs to host virtual machines), Intel is giving away a new (and fourth) hypervisor with a slightly different twist. It supports two partitions (using Intel's VT technology which has been shipping in Intel chips since last year), one of which is for the end users production operating system (eg: Windows) and the other which Bryant says is ideal to be an appliance with an embedded OS. For example a security appliance running intrusion detection software for the whole computer so the production operating system doesn't have to. Cool idea. But again, Intel is just now working with partners like Symantec to build the software that turns that sidecar partition into the appliance that Intel has in mind.

Add your comments

Why no "Digg this!" etc.?

On-Line Poker for cash prizes
Play LEGAL poker and win cash
$50,000 FREE Tournament August 31st!

Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)

Forget the expense of flying to New England. Forget hotel and meals costs.
Installation and light training Boston and New England

Printer Friendly Version

Views for this page
Today	This Week	This Month	This Year	Overall
2	16	95	838	3,714

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

Printer Friendly Version

More:

- Security

Unix/Linux Consultants

Your ad here - $24.00 yearly!

UBB Computer Services Support for Openserver, Unixware and Linux. Windows integration with Unix/Linux servers. Hardware, Backup and Networking issues. Located near Sacramento CA, we provide onsite support throughout Northern CA and Nationwide via remote access. We are a SCO Authorized Partner and a Microlite BackupEdge Certified Reseller.

http://www.cleverminds.net Need expert advice? Want a second opinion? CleverMinds is a one-stop-shop for a wide range of technology solutions. We support Unix, Linux, SCO as well as CMS, ecom, blogs, podcasts, search engines consulting and more. Contact us at web2.0@cleverminds.net 0r (617) 894-1282

larryi@ccamedical.com SCO OS5, Debian Linux, RedHat Linux, MySQL, Apache, AJAX development using dXport/dL4/Unibasic, Windows Connectivity, Sharing Resouces, Automation, Shell Scripting

Coming Attractions

My Favorites