
CES 2025: Comprehensive security solutions with the Intel vPro® platform

The Intel vPro® platform provides a hardware-based security architecture that protects organizations from the growing challenges of modern cyberthreats. With technologies that secure the system below the operating system, protect applications and data, and provide advanced threat defense, it creates a robust foundation for IT security. At the same time, the platform supports the secure use of AI applications and uses AI to improve cybersecurity, with the aim of a future-proof IT infrastructure.

1. Security below the operating system

This area of the Intel vPro® platform focuses on protecting against attacks that target the firmware, BIOS and other critical system components even before the operating system is fully loaded. The main technologies include:

  • Intel® Boot Guard: This feature verifies the integrity of the BIOS boot block and ensures that only authorized software is executed. It builds a hardware-based foundation of trust that prevents tampering in the early boot process.

  • Intel® BIOS Guard: This technology protects the BIOS flash memory from unauthorized changes. Strict access control on flash writes reduces the attack surface and lowers the risk of permanent subversion or denial-of-service attacks against the BIOS firmware.

  • Intel® Platform Trust Technology (PTT): PTT integrates the functions of a Trusted Platform Module (TPM) into the hardware and provides secure storage for keys, certificates and passwords. This improves the protection of sensitive data while meeting the hardware requirements of modern operating systems such as Windows.

  • Intel® Runtime BIOS Resilience: This feature impedes attacks that introduce malware into the System Management Mode (SMM) environment during runtime by locking the memory pages of the BIOS, preventing tampering by attackers.

2. Protection of applications and data

Here Intel focuses on securing applications, virtual machines (VMs) and memory against attacks that go beyond protecting the operating system. These technologies address security threats such as data exfiltration, memory attacks and the manipulation of virtual environments:

  • Intel® Virtualization Technology (VT-x and VT-d): These technologies enable hardware-assisted virtualization, isolate virtual workspaces and prevent unauthorized access to memory. They not only protect sensitive data, but also the integrity of containers and virtual machines.

  • Intel® Total Memory Encryption (TME): TME encrypts the entire system memory to prevent attacks such as cold-boot or physical memory sampling. This provides protection for stolen devices by maintaining data confidentiality even if the hardware is physically accessed.

  • Intel® Advanced Encryption Standard New Instructions (AES-NI): This enhancement speeds up encryption, improving the performance of security applications such as disk encryption solutions without compromising security.

  • Mode-Based Execution Control (MBEC): MBEC provides fine-grained control over the execution rights of code to protect the integrity of system and kernel code from malicious changes.

3. Advanced Threat Defense

To detect and combat new and more complex threats, Intel combines hardware telemetry analysis with advanced AI methods. This approach enables efficient detection and defense against attacks such as ransomware or crypto-mining:

  • Intel® Threat Detection Technology (TDT): TDT uses hardware-based telemetry and AI to identify anomalies and malware, including fileless attacks. By offloading memory scanning to the GPU, CPU power is freed up for other tasks while increasing the efficiency of threat detection.

  • Intel® Control-flow Enforcement Technology (CET): CET protects against control-flow hijacking attacks such as Return-Oriented Programming (ROP) and Jump-Oriented Programming (JOP). Hardware-based functions such as shadow stacks ensure the integrity of the program flow.

  • Advanced Platform Telemetry: This technology combines machine learning with hardware-based telemetry to profile and detect attacks in near real-time without impacting the user experience.
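
To make the shadow-stack mechanism behind CET concrete, here is an added software model that is not part of Intel's announcement or of this article: every simulated CALL records the return address on both the ordinary stack and a separate, write-protected shadow stack, and every RET compares the two. The addresses, the stack depth and the "corruption" step (standing in for a stack-buffer overflow) are constructed for the illustration; real CET does the comparison in hardware and raises a control-protection fault on mismatch.

```c
#include <stdint.h>
#include <string.h>

#define STACK_DEPTH 16

/* Simulated data-stack frame; in a real overflow only this slot is
   attacker-writable, which is what a ROP chain relies on. */
typedef struct {
    uintptr_t return_address;
} frame_t;

typedef struct {
    frame_t   frames[STACK_DEPTH];
    uintptr_t shadow[STACK_DEPTH]; /* models the CET shadow stack: not writable by ordinary stores */
    int       depth;
} cpu_state_t;

void cpu_init(cpu_state_t *cpu) { memset(cpu, 0, sizeof *cpu); }

/* CALL: the return address is pushed on both stacks. Returns -1 on overflow of the model. */
int cpu_call(cpu_state_t *cpu, uintptr_t return_address) {
    if (cpu->depth >= STACK_DEPTH) return -1;
    cpu->frames[cpu->depth].return_address = return_address;
    cpu->shadow[cpu->depth] = return_address;
    cpu->depth++;
    return 0;
}

/* RET: pop both stacks and compare. Returns 0 for a legitimate return,
   1 when the data-stack slot disagrees with the shadow copy (hardware would
   fault here instead of transferring control), -1 on an empty stack. */
int cpu_ret(cpu_state_t *cpu, uintptr_t *target) {
    if (cpu->depth == 0) return -1;
    cpu->depth--;
    uintptr_t from_stack  = cpu->frames[cpu->depth].return_address;
    uintptr_t from_shadow = cpu->shadow[cpu->depth];
    *target = from_shadow;              /* the trusted value is always the shadow copy */
    return (from_stack != from_shadow) ? 1 : 0;
}

/* Stand-in for a stack-buffer overflow: overwrite the topmost return slot.
   Note that it can only reach the data stack, not the shadow stack. */
void corrupt_top_return(cpu_state_t *cpu, uintptr_t new_value) {
    if (cpu->depth > 0) cpu->frames[cpu->depth - 1].return_address = new_value;
}

/* Scenario: a clean call/return passes, a tampered return slot is detected.
   Returns 1 if the model behaves as described, 0 otherwise. */
int demo(void) {
    cpu_state_t cpu;
    uintptr_t target = 0;
    cpu_init(&cpu);

    cpu_call(&cpu, 0x401000u);          /* constructed return address */
    int legit = cpu_ret(&cpu, &target);  /* expected: 0, target == 0x401000 */

    cpu_call(&cpu, 0x401000u);
    corrupt_top_return(&cpu, 0xdeadbeefu); /* constructed bogus target */
    int caught = cpu_ret(&cpu, &target); /* expected: 1, target still 0x401000 */

    return (legit == 0 && caught == 1 && target == 0x401000u) ? 1 : 0;
}
```

The point of the model is the asymmetry: a memory-corruption bug can rewrite the slot on the data stack, but the check is made against a copy the same bug cannot reach, so the hijacked return never executes.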

4. Security for AI and AI for security

The increasing integration of AI into endpoints presents both opportunities and challenges for cybersecurity. The Intel vPro® platform provides safeguards to secure AI models and their data during execution, while leveraging AI to enhance security architectures:

  • Security for AI: Intel works with partners to prevent attacks on AI models and applications. Protective measures include detecting data poisoning attacks and protecting against unauthorized access to sensitive data during model execution.

  • AI for security: By using GPUs and Neural Processing Units (NPUs), AI-powered security solutions are being developed that are able to autonomously detect and fend off threats such as phishing attacks or deepfakes.

Summary

The Intel vPro® platform is designed to address security threats at every level of the IT infrastructure. By integrating hardware-based security functions both above and below the operating system, it offers comprehensive protection against a broad spectrum of modern threats. With this platform, Intel is positioning itself as a trusted partner for organizations looking to strengthen their cybersecurity strategies in an increasingly complex digital world.

igor’LAB received this information from Intel in advance under NDA. The only condition was compliance with the embargo period.


OldMan

Veteran

275 comments 97 likes

It all sounds very exciting, but, as always with announcements like these, I am very skeptical. All of this will mainly be interesting for commercial users. It remains to be seen, however, what additional hardware requirements will be imposed. Shifting processes toward the GPU is fine, but what requirements are placed on the GPU? An NPU is also not yet a "standard" in end devices today. What does the cost/benefit calculation look like then? If I have, for example, 20,000 end devices in use and each device then costs 200€ or 300€ more, that has to pay off.
Beyond that, the question also arises whether third-party components, i.e. GPUs from NV or AMD, are supported here, or whether you are completely trapped in the INTEL cosmos.
So: let's wait and see what of this actually arrives in reality and is usable.


About the author

Igor Wallossek

Editor-in-chief and name-giver of igor'sLAB as the content successor of Tom's Hardware Germany, whose license was returned in June 2019 in order to better meet the qualitative demands of web content and challenges of new media such as YouTube with its own channel.

Computer nerd since 1983, audio freak since 1979 and pretty much open to anything with a plug or battery for over 50 years.
