7. Intel Security Focus
Security & Trust Built-In
Identity Detection & Securing Data Recovery and
Protection & Prevention of and Assets Enhanced
Fraud Deterrence Malware Patching
Hardened Foundation for Computing
7
8. Intel® Technologies: Server Security
Encrypt Isolate Enforce
Intel® AES-NI Intel® VT & Intel® Intel® TXT
TXT
protects VM isolation
delivers built-in and provides a more establishes “trusted”
encryption acceleration secure platform status, foundation to
for better data launch control migration based
protection on security policy
VM 1 VM 2
VM 1 VM 1 VM 2
VMM
?? VMM
Establishing the Foundation for More Secure Computing
8
9. Intel® Trusted Execution Technology
Intel® TXT: Hardware Root of
Trust
• Enables isolation and tamper
detection in boot process
• Measured/Verified BIOS and
Hypervisor or OS
• Complements runtime Intel®
protections Chipset
TPM
• Reduces support and
remediation costs BIOS Flash VT VMM/OS
(MLE)
• Hardware based trust
provides visibility and
verification useful in
compliance, enforcement
Intel® TXT: Enforce Control On The Platform
9 www.intel.com/go/txt
10. Intel® TXT Use Models
Trusted Pools
2
1
Hardware enforced detection of
launch components —reduces
malware threat Trusted Launch –
1 Verified platform
integrity
2 Enforce control of VMs based
Internet
on platform trust (and more)
to better protect data
3 Hardware support for
compliance reporting
Compliance Support – enhancing
3 auditability of cloud environment
Powerful Benefits: Protection, Visibility and Control
*Other names and brands may be claimed as the property of others
10 www.intel.com/go/txt
15. MOVE-AV Benefits
OPTIMIZES McAfee security for
1
virtualized environments
STANDARDIZES security across all
2
major hypervisors
ENSURES best security management
3
and delivery for virtualized environments
Security Intelligence for Virtualization
15 Confidential
16. Optimizes McAfee Anti-Virus
VM VM MOVE McAfee ePO
Appliance
MOVE MOVE
MA MA MA
OS OS OS
Hypervisor
Features
• Offloads On-Access Scanning
• Enhanced scan avoidance
• Memory protection
Datacenter
• Quarantine
• GTI file reputation
• VSE license for virtual machines
16
17. 2. Standardizes Security Across Hypervisors
VM VM MOVE McAfee ePO
Appliance
MOVE MOVE
MA MA MA
OS OS OS
VMware ESX
Citrix XenServer
Features
Microsoft Hyper-V* • Hypervisor-agnostic
• Hypervisor-aware scan scheduling
• Increased hypervisor capacity
Datacenter • Offline security for inactive servers
• ePO management
17 *Not supported for MOVE Scheduler
20. Discussion topic:
Drive higher efficiencies and consolidation ratios through
virtualization-optimized security solutions for the guest
and virtual infrastructure
20
21. Discussion topic:
Provide corporate with visibility and enable a state of
continuous compliance
Audience: How are you producing these insights for your management
teams now?
21
22. Summary
• Together provide more comprehensive virtualization security
• Put Intel® Cloud Builders reference solutions to work: makes it easier to
deploy and optimize cloud infrastructure
www.intel.com/cloudbuilders
• Automatically enforce use of trusted compute pools for sensitive
workloads in private, hybrid of public clouds. Highly regulated and
security conscious organizations can demand use of trusted compute
pools!
www.hytrust.com
• For more information on McAfee’s MOVE offering visit
http://www.mcafee.com/us/products/move-anti-virus.aspx
22
