Smau Bari 2012 Marco Soldi


Published on

The security end to end

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Smau Bari 2012 Marco Soldi

  1. 1. IntelThe security end to endMarco Soldi
  2. 2. Enter the Era of Pervasive Computing… Traditional Computing 2015 - Everything Computing >1Billion Additional Users1 >15 Billion Connected Devices 2 > 8X Network, 16X Storage & 20x Compute Capacity Needed 31. IDC “The Internet Reaches Late Adolescence” Dec 2009, extrapolation by Intel for 20152. ECG “Worldwide Device Estimates Year 2020 - Intel One Smart Network Work” forecast3. 8x Network: 800 Terabytes / second of IP traffic estimated on Internal Intel analysis “Network Supply/Demand 2010-2020” forecast . 16x Storage: 60 Exabytes of data stored from Barclays Capital “Storage Bits” Sept 2009, extrapolation by Intel for 2015; Intel Confidential 20x Compute: Intel Internal LRP forecast. Extrapolated to 1 billion virtual servers using 1 vm/core
  3. 3. Intel’s Cloud 2015 Vision Federated Automated Share data IT can focus more securely across on innovation andpublic and private less on clouds management MIC Architecture Client Aware Optimizing services based on device capabilityDesktops Laptops Netbooks Personal Devices Smartphones Smart TVs Embedded Intel Architecture Compute Continuum Intel Confidential
  4. 4. Where are the Threats Focusing? Traditional Growing Emerging Attack Targets/ Attack Targets/ Attack Area Risk Area Risk AreaLimited physical Changing perimeters Strongest physicalprotections and more and increased access isolation and lowesthuman interaction accessibility antispam encryption vPro / TXT encryption encryption antivirus antitheft antivirus access IPS/IDS control content IPS/IDS IPS/IDS antispam inspection Client Edge & Departmental Back End Systems Systems Systems Compute Resources Gain Capability to Complement Perimeter - Enabling Protections Deeper into the Datacenter Intel Confidential
  5. 5. Trusted Client to Cloud Access for Users & Services Secure Data & Private/Public VMs CloudIntel® Identity Protection Intel® Trusted Execution Technology Technology AES instruction Virtualisation Technology Secure Clients Unified Security Across Security Layers Intel Confidential
  6. 6. Intel® Technologies: Server Security VM VM VM VM VM Intel® TXT Intel® TXT ??? Platform Platform Isolate Enforce Encrypt Intel® VT & Intel® TXT Intel® TXT establishes Intel® AES-NI protects VM isolation and “trusted” status, foundation delivers built-in provides a more secure to control migration based encryption platform launch on security policy acceleration for better data protection Intel Confidential6
  7. 7. Keep Data Safer and End-users Intel AES-NI ® More Productive 3 accelerate encryption operations Up to 4x faster encryption17 i5-2400 (desktop) i5-2520M (laptop) Helps Speed Data Protection Whole-disk encryption Internet File Storage Encryption Security E6550 (desktop) T7250 (laptop) 0 1 2 3 4 “Theres a definite benefit to… AES-NI instructions... This is huge for corporate desktops/notebooks”30 —Anandtech*3 Intel ® AES-NI requires a computer system with an AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequen Intel Confidential17 Source: Comparing Intel® Core™ i5-2520M processor based laptops to theoretical installed base of Intel® Core™2 Duo Processor T7250 . Security workload consists of SiSoftware Sandra* 2010 - AES256 CPU Cryptographicsubtest measures CPU performance while executing AES (Advanced Encryption Standard) encryption and decryption algorithm.30 The Clarkdale Review: Intels Core i5 661, i3 540 & i3 530, Anand Lal Shimpi, Anandtech, January 2010.
  8. 8. Hardware based security to help protect your PC and data when it is lost or stolen Local intelligence on PC detects potential theft and triggers action 1 or PC is disabled via poison pill sent over Internet IT Help Desk Provider3 PC can be easily reactivated via a local password or server-generated code 2 PC shows customized message and remains disabled even if OS is re-installed • Absolute* Computrace* with Microsoft* System Center Service Manager 2010* • PGP* Whole Disk Encryption Solutions* • WinMagic* Secure Doc Full-disk Encryption* 4 2nd Gen Intel® Core™ Processors with Optional Intel® Anti-Theft Technology Intel Confidential 4 Intel® Anti-Theft Technology requires the computer system to have an Intel® AT-enabled chipset, BIOS, firmware release, software, and an Intel AT-capable Service Provider/ISV application and service subscription.