Intel Trusted Platforms Overview

(1)

Intel

–

Trusted Platforms Overview

Greg Clifton

Intel Customer Solutions Group

Director, DoD & Intelligence

(2)

2

Legal Disclaimer

y

y INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEINFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTELL®® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWI

PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO SE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EX

ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS CEPT AS PROVIDED IN INTEL

PROVIDED IN INTEL’’S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS

ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL

IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL®® PRODUCTS PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PART

INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR ICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIG

PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR HT OR OTHER INTELLECTUAL PROPERTY RIGHT. INTEL PRODUCTS ARE NOT INTEND

OTHER INTELLECTUAL PROPERTY RIGHT. INTEL PRODUCTS ARE NOT INTENDED FOR ED FOR USE IN MEDICAL, LIFE SAVING, OR LIFE SUSTAINING APPLICATIONS.

USE IN MEDICAL, LIFE SAVING, OR LIFE SUSTAINING APPLICATIONS.

y

y Intel may make changes to specifications and product descriptionIntel may make changes to specifications and product descriptions at any time, without notice.s at any time, without notice. y

y All products, dates, and figures specified are preliminary basedAll products, dates, and figures specified are preliminary based on current expectations, and are on current expectations, and are subject to change without notice.

subject to change without notice.

y

y Intel, processors, chipsets, and desktop boards may contain desiIntel, processors, chipsets, and desktop boards may contain design defects or errors known as gn defects or errors known as errata, which may cause the product to deviate from published sp

errata, which may cause the product to deviate from published specifications. Current ecifications. Current characterized errata are available on request.

characterized errata are available on request.

y

y Intel and the Intel logo are trademarks or registered trademarksIntel and the Intel logo are trademarks or registered trademarks of Intel Corporation or its of Intel Corporation or its subsidiaries in the United States and other countries.

subsidiaries in the United States and other countries.

y

y *Other names and brands may be claimed as the property of others*Other names and brands may be claimed as the property of others.. y

(3)

Intel

®

_Platforms

•

• Built-Built-in Manageabilityin Manageability

•

• PerformancePerformance

•

• Battery LifeBattery Life

Business Business Desktop Desktop Digital Digital Home Home Mobility Mobility •

• Proactive SecurityProactive Security

•

• Energy Efficient PerformanceEnergy Efficient Performance

•

• Ease of UseEase of Use

•

• ConnectivityConnectivity

•

• Uncompromised ConnectivityUncompromised Connectivity

•

• Innovative Form FactorInnovative Form Factor

•

• PerformancePerformance

Server Server

•

• Optimized Power & ThermalsOptimized Power & Thermals

•

• Reliable Data Intensive Reliable Data Intensive Computing

Computing

•

• Effective VirtualizationEffective Virtualization

Agenda:

y

It is an imperfect world

y

Building the foundation in 2006

y

The 2007

“

Weybridge

”

Platform

y

Solving the problems with Intel

vPro

™

technology

y

Conclusions

•

(4)

4

Today

’

s Challenges

y

Managing and Securing modern business clients is

more challenging than ever

–

Zero day malicious exploits create scenarios that patching alone

can

’

t resolve

–

Layered security improves platform protection capabilities

–

Optimized platform architecture removes bottlenecks, but also

introduces complexity

–

Damaged software or hardware can impair the ability to

remotely repair a client

y

Client PCs are not manageable when they need it

most, i.e. HW or SW problem or turned

“

off

”

.

1.

1. Desk

Desk

-

side visits & manual processes drive disproportionate

share of IT costs

–

Intel IT: ~10

-

15% of help desk calls require desk

-

side visit, but

drive ~50% of help desk costs

2. Security threats increasing, time to respond decreasing but

protections vulnerable to attack or user tampering

–

Time to exploit = 3 days; Time to vendor patch = 42 days

(5)

Intel

’

s Platform Solution

y

Utilize a set of technologies that work

together to:

–

Enable innovative solutions to solve these

problems

–

Create a new framework for a rich layered

security architecture

(6)

6

Intel

Intel CoreCoreTMTM_{2 Duo}_{2 Duo}

Reduced Chipset Reduced Chipset & Platform Power & Platform Power

Low Low Power Power Enhanced Enhanced Virtualization (VTd) Virtualization (VTd)

*Other names and brands may be claimed as the property of others

Evolving Intel

®

vPro

™

in 2007

–

“

Weybridge

”

Note: Certain features may be available only on particular SKUs Wolfdale CPU Wolfdale CPU Support Support Windows Vista* Windows Vista* Premium Logo Premium Logo eSATA*, Expanded eSATA*, Expanded USB*, Intel

USB*, Intel®®Rapid _Rapid

Recovery Technology Recovery Technology Intel Trusted Intel Trusted Execution Execution Technology Technology™™ Intel

Intel®®_Active_Active

Management Technology Management Technology 3.0 3.0 2007 Weybridge 2007 Weybridge Platform Platform Bearlake Family Bearlake Family Chipsets Chipsets

(7)

Intel

®

_{Virtualization Technology}

Hardware Platform

“Heavyweight” Virtual Machine Monitor

“Heavyweight” Virtual Machine Monitor User OS 1 User OS 2 User OS 3

App App App App App App Virtual

Machine 1 Machine 2Virtual Machine 3Virtual

Traditional Virtualization

Virtual Appliance Model

Hardware Platform

Hardware Platform User OS

App App App User Environment

Embedded OS

App

Virtual Appliance

Lightweight VMM

Virtual Appliance Partitions

• Generally headless • Fixed/specific function • Low OS profile

• Minimal management cost

• Minimal platform resource utilization • Minimal true/virtual HW mapped • OS state/power independent

Full OS Partitions

• Full OS capability • Multiple applications • Full HW suite available

• Generally virtualized devices • Maximum features and capability

agility

Make Virtualization Applicable to Mainstream

(8)

8

VT

-

d Direct I/O Overview

Phys Mem

Assigned

IO Devices

Virtual Machine Monitor (VMM)

Virtual

Machines

Physical driver

DMA Remap

Bearlake Family Bearlake Family Chipsets Chipsets

Software

remapping for

CPU based memory

access

(VT-d – a chipset technology)

(9)

VT

-

d : DMA based Protection and Remapping

for Virtual Appliances

y

VT-d enables

–Flexible memory

management by VMM

–Un-modified device drivers to

run in both partitions

–Contain DMA errors across

partitions

–Allows enforcement of

independent security policies

for each partition

Virtual Machine Monitor (VMM) Capability Partition

Host OS and Apps

Host HW

Virtual Appliance

I/O devices assigned to host OS

I/O devices assigned to service OS Virtual Device

Driver

I/O Virtualization

Physical Device Driver Appliance Stack

(10)

10

Intel Trusted Execution Technology

™

Introduced on Weybridge for Increased

Security

y

Codename LT extends

Intel

®

VT capabilities of

partitions and isolation to

increase security using

–

Measured launch and a chain of

trust to generate a secure

partition

–

Trusted Platform Module (TPM)

for Secure Storage of

measurements and Signed

reporting

App App_…App

User OS

VM₁ “Firewall” App “Mgmt” App

Service OS

VM₀

Lightweight VMM

Platform Hardware

(11)

Intel

®

_{Active Management Technology}

Overview

–

Provides Built

-

in Manageability and Proactive Security for

networked computing resources

–

Enables maintenance and repair of systems using out

-

of

-

-band

band

(OOB) management capabilities even if the system is

powered

off or the OS is down

–

Helps secure networks by:

–

Proactively blocking incoming threats

–

Reactively containing the spread of threats

–

Ensuring critical software agents are present

–

Keeping installed software versions up to date

–

Enabling popular third

-

party management consoles and

security applications in use today

(12)

12 Corporate Network Management Console Intel ® Q9 65 Expres s Chips e t FLASH Operating System* SW Agents Core 2 Duo™ DDR2* DDR2* Server Operating System* SW Agents Help Desk Intel PRO/1000 LAN (G)MCH ICH8-DO Operating

SystemDeskHelp

Operating System*

info info

y

y DiscoverDiscover

–

– Enhanced nonEnhanced non--volatile memory storagevolatile memory storage

–

– Out of Band accessOut of Band access y

y HealHeal

–

– Provisioning & remote controlProvisioning & remote control

–

– Hardware DiagnosticsHardware Diagnostics y

y ProtectProtect –– System Defense: Filtering System Defense: Filtering features

features

–

– Capability to allow, disallow, rateCapability to allow, disallow, rate--limit limit packets based on 5

packets based on 5--tuple IP Protocol tuple IP Protocol

Filter

–

– Filters programmed by remote console Filters programmed by remote console

–

– Filtering in hardware for LANFiltering in hardware for LAN

–

– Agent PresenceAgent Presence

Intel

(13)

Intel

®®

_{Active Management Technology}

Major Intel

®

AMT Components

OOB Communication, Management Engine, Nonvolatile Memory

FLASH Operating System SW Diagnostics/Agents/Applications LAN Controller Management Engine Network

Driver Management EngineDriver

= Out-of-band; Active even when System is turned off or OS is down = In Band

System Defense SOAP HTTP Authorization TLS Confidentiality PHY OOB Comms Filter TCP/IP BIOS ME Services HW Sensors & AFSC NV Memory

Intel AMT Firmware Intel AMT Private

Intel AMT Public

(14)

14

Agent Presence Checking

Remote Diagnostics and Repair

Intel

®

_{Active Management Technology}

Usage Cases

Remote Asset Inventory

Hardware and Software Inventory

Encrypted, Remote Power-on and Update

(15)

Intel

®

AMT Core Attributes

Advantage over S/W Solutions

y

OS and HDD-Independent

–

Runs outside the context of the OS

–

Works the same way regardless of the installed OS

–

Immune from OS configuration issues

y

Highly-Available OOB Remote Management

–

Provides remote management capabilities in all system power

and health states

–

Runs on auxiliary and battery power (mobile)

–

Wired and wireless network support (2007)

y

Tamper-Resistance

–

Intel

®

AMT agent bound to the PC and configured by IT

–

Resistant to end

-

user modify/disable

–

(16)

16 Yes Yes No No No No

System Defense / Agent System Defense / Agent Presence Presence Yes Yes No No No No

System Defense /NOC System Defense /NOC Filters Filters Yes Yes No No No No

Firmware Updates Utility Firmware Updates Utility

Registered Registered packet packet None No No No No No No No Remote Boot Only Booting Only

WoL

Yes No 3

3rdrd _{Party Non-}_{Party Non}_-Volatile_Volatile

Storage Storage

Boot/reboot, alerts, event log, and remote

control, redirection Boot/reboot

and alerts

OOB Mgt (Any OS/power OOB Mgt (Any OS/power state)

state)

Remote boot/reboot w/ boot options, Serial

Over LAN, IDE redirection Remote Boot/Reboot w/boot options Remote Control Remote Control SSL 3.1/TLS encryption, HTTP Digest/Negotiate authentication Simple authentication - no encryption Secure Communications Secure Communications SOAP/HTTP (web browser access) RMCP Connection Protocol Connection Protocol TCP TCP (preferred routing (preferred routing protocol) protocol) UDP UDP Layer 4 Stack Layer 4 Stack Yes Yes

Yes (PXE or IDE-Redirect) Yes, including filters Yes (Broadcast to 16

clients, filter only desired events)

Intel

®

AMT

No

Remote BIOS Update Remote BIOS Update

No Asset Information Asset Information Yes (PXE) Remote Reboot Remote Reboot No Event Logging Event Logging Yes (1 Client, no filtering) Event Alerting Event Alerting