Intel® vPro™ Technology
Built-in security for greater protection1
Today’s rapidly evolving business environment is creating a new set of security challenges. From rootkit attacks to international security breaches, threats have grown more advanced. As employees become more mobile and socially connected, they require new delivery models, such as cloud computing and desktop virtualization, along with the IT support that ensures seamless connectivity.
To quickly respond to these needs and stay ahead of high-level security threats, businesses need a comprehensive suite of security solutions that addresses each of the four most critical areas of IT security:
- Threat management, including protection from rootkits, viruses, and malware
- Identity and web site access point protection
- Confidential personal and business data protection
- Remote and local monitoring, remediation, and repair of PCs and workstations
See how Intel® vPro™ technology works.
Learn more about the key features and benefits of 3rd generation Intel® Core™ vPro™ processors.
An added layer of security for businesses
PCs based on the 3rd generation Intel® Core® vPro™ processor family and workstation platforms based on the Intel® Xeon® processor E3-1200 v2 family with embedded security simplify and accelerate these four critical IT functions. Moreover, they provide an additional layer of protection when combined with security software.
Intel® vPro™ technology is a set of security and manageability capabilities built into the 3rd generation Intel Core vPro processor family, the Intel Xeon processor E3-1200 product family, Intel® chipsets, and network adapters. While Intel vPro technology is conveniently built in, it still requires setup and configuration. Thanks to Intel® Setup and Configuration Software 8.0, IT managers can implement Intel vPro processor-based PCs or workstations in a matter of minutes.2
Prevent attacks below the operating system
With security and threat management features embedded in the hardware, Intel® vPro™ technology:
- Protects against difficult-to-detect, penetrating rootkits and malware that threaten users working in cloud or virtual environments by employing Intel® Trusted Execution Technology3 and Intel® Virtualization Technology4
- Enables hardware-based virtualization for PCs or workstations using Intel Virtualization technology for centralized image management and administration, secure network storage, and out-of-band protection—all beyond the firewall
Learn more about embedded security in the 3rd generation Intel® Core™ vPro technology white paper.
Strengthen authentication and protect passwords
Traditional forms of account authentication are no longer enough to protect businesses against identity theft or to prevent web site access points from being compromised. Intel vPro technology features Intel® Identity Protection Technology (Intel® IPT),5 which provides several critical built-in defenses, including:
- An embedded one-time password that eliminates the cost and support of physical tokens while ensuring secure VPN and web site access and seamless user authentication
- Embedded public key infrastructure (PKI), a second factor of authentication that is stored in firmware and used to authenticate users and servers and encrypt and sign documents, eliminating the need for tokens or smart cards
- Protected transaction display, an encrypted, secure I/O technology, that helps prevent identity theft by enabling businesses and web sites to confirm user presence, verify transactions, and create a secure pin input prior to releasing credentials, thus eliminating risk from screen scrapers or keyloggers
Protect confidential business, employee, and customer information
As the use of cloud computing and the number of mobile PCs in today’s business environment expands, the need for fast, reliable encryption technology to prevent data loss is essential. While Intel® IPT helps to ensure that user identity is protected with a unique computer-generated token if the computer is lost or stolen, Intel® Anti-Theft Technology allows IT to remotely lock down the computer, protecting both the user’s identity and corporate data.6 This enhanced security capability is also available on workstations with the Intel Xeon processor E3-1200 v2 product family. Intel vPro technology also:
- Accelerates data encryption/decryption using Intel® AES New Instructions,7 encrypting data up to four times faster without interfering with user productivity8
- Employs Intel® Secure Key,9a hardware-based encryption technology that generates higher-quality random numbers, making data encryption even more secure for safer online interactions
Respond to security breaches with speed and agility
Embedded in hardware, Intel vPro technology capabilities are accessed and administered separately from the hard drive, OS, and software applications—in a pre-boot environment. This makes management less susceptible to issues affecting these areas and allows remote access to the PC or workstation, regardless of the system’s power state or OS condition. This technology:
- Allows IT technicians to quickly deploy security patches across PCs, remotely unlock encrypted drives, and manage data security settings
- Gives IT help desk personnel complete control over a platform with features like KVM Remote Control10 with support for three simultaneous display configurations, 27 additional languages, and enhanced mouse improvements across multiple screens
- Enables IT to remotely diagnose, isolate, and repair infected platforms after a security breach occurs
- Uses Intel® Active Management Technology11 (Intel® AMT) to facilitate remote management of platform applications, even when the platform is turned off, as long as the platform is connected to a power line or network
Get connected with the Intel vPro technology IT community and find out more at the Intel® vPro™ Expert Center.
Find your solution stack for Intel vPro technology.
1. No computer system can provide absolute security under all conditions. Built-in security features available on select Intel® processors may require additional software, hardware, services and/or an Internet connection. Results may vary depending upon configuration. Consult your system manufacturer for more details. For more information, see http://www.intel.com/content/www/us/en/security/security-at-home.html.
2. Availability of features and results will depend upon the setup and configuration of your hardware, software, and IT environment.
3. No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology requires a computer system with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). The MLE could consist of a virtual machine monitor, an OS or an application. In addition, Intel TXT requires the system to contain a TPM v1.2, as defined by the Trusted Computing Group, and specific software for some uses. For more information, see www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html.
4. Intel® Virtualization Technology (Intel® VT) requires a computer system with an enabled Intel® processor, BIOS, and virtual machine monitor (VMM). Functionality, performance, or other benefits will vary depending on hardware and software configurations. Software applications may not be compatible with all operating systems. Consult your PC manufacturer. For more information, visit www.intel.com/content/www/us/en/virtualization/virtualization-technology/hardware-assist-virtualization-technology.html.
5. No system can provide absolute security under all conditions. Requires an Intel® Identity Protection Technology (Intel® IPT) enabled system, including a 2nd or 3rd generation Intel® Core™ processor or an Intel® Xeon® processor E3-1200 v2 product family, enabled chipset, firmware and software, and participating website. Consult your system manufacturer. Intel assumes no liability for lost or stolen data and/or systems or any resulting damages. For more information, visit http://ipt.intel.com.
6. Intel® Anti-Theft Technology (Intel® AT). No system can provide absolute security under all conditions. Requires an enabled chipset, BIOS, firmware and software and a subscription with a capable Service Provider. Consult your system manufacturer and Service Provider for availability and functionality. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof. For more information, visit www.intel.com/content/www/us/en/architecture-and-technology/anti-theft/anti-theft-general-technology.html.
7. Intel® AES New Instructions (Intel® AES-NI) requires a computer system with an Intel® AES-NI-enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. Intel® AES-NI is available on select Intel® processors. For availability, consult your reseller or system manufacturer. For more information, see software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni.
8. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations, and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to http://www.intel.com/performance. Results have been measured by Intel based on software, benchmark or other data of third parties and are provided for informational purposes only. Any difference in system hardware or software design or configuration may affect actual performance. Intel does not control or audit the design or implementation of third party data referenced in this document. Intel encourages all of its customers to visit the websites of the referenced third parties or other sources to confirm whether the referenced data is accurate and reflects performance of systems available for purchase.
9. No system can provide absolute security. Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) requires a computer system with an Intel® AES-NI-enabled processor, as well as software to execute the instructions in the correct sequence. Intel® Secure Key requires an Intel® Secure Key-enabled platform, available on select Intel® processors, and software optimized to support Intel® Secure Key. Consult your system manufacturer for more information and availability.
10. KVM Remote Control (Keyboard Video Mouse) is only available with Intel® Core™ i5 vPro™ processors and Intel® Core™ i7 vPro™ processors with active processor graphics. Discrete graphics are not supported.
11. Security features enabled by Intel® Active Management Technology (Intel® AMT) require an enabled chipset, network hardware and software and a corporate network connection. Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating, or powered off. Setup requires configuration and may require scripting with the management console or further integration into existing security frameworks, and modifications or implementation of new business processes. For more information, visit http://www.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html.