Post on 24-Dec-2015
1
Intel® Core™ i5 vPro™
Intel® Core™ i7 vPro™
Discover IT management as it meant to be
Gacsal JózsefÜzletfejlesztési igazgatóIntel Hungary
2
Napirend
• Miért fontos?• Mi ez?• Hogyan működik?• Megéri?• Hogyan tovább?
3
Energy Rising energy costs make power a
significant expense
Security 2M laptops/year are reported as stolen
and 97% are never found1
70% of all reported security breaches were due to insiders2
The average cost of a lostlaptop is $49,2463
Forces Shaping PC Computing
1 Processor, May19,20062 CNET News.com, January 2005, from Ponemon Institute Survey (163 F1000 companies)3 Ponemon Institute April 2009 4 “Using Total Cost of Ownership to Determine Optimal PC Refresh Lifecycles”, Wipro Technologies, November 2009.Actual results may vary based on the number of use-cases implemented and may not be representative of results that individual
businesses may realize.5 April 2009, J. Gold Associates Research Report, Keeping Notebooks Past Their Prime
Manageability On average, firms deploy a reported 35
scheduled patches and application installs per year for laptops and 51 for desktops4
The failure rate in 4th year is about 24%, which is twice the rate in 1st year … An out-off-warranty repair for a failed (laptop) PC is approximately $1,4255
44
The Service Challenge
PC Support Incidents
17%
83%
On-Site Fix
Proactive IT&
Remote Fix
46%
54%
PC Support Costs
• Powered On/Off/Reset
• Unbootable OS• Infected System• Disabled Agents• Machine Not Found
14% are OS related
3% are HW related (can be proactively detected)
ReducesPC Support Costs
Increased remote and proactive manageability reduces truck rolls
Intel® vPro™ technology estimated cost savings data is
being collected in MSP Pilots
5
Intel® AMT Value Proposition
• Discover – Manage networked systems remotely regardless of system state-over TCP/IPv6 & IPv4 Remote HW & SW inventory of switched off PCs, Remote power control
• Heal – Diagnose and repair networked systems remotely via:
www.intel.com/technology/manage/iamt/
Provides build-in manageability and proactive security for networked computing resources
• SOL (Serial Over Lan) text console redirection (incl BIOS access)• IDE-R (remote boot device redireciton) and text based repai tools.• KVM Remote Control (Core i5 vPro only)- HW based KVM (full GUI redirection)
• Protect– Remotely update all systems automatically with the latest security software via – System Defence (Circuit breaker) HW Firewall &
– SW Agent presence– Alarm clock
NEW!
NEW!
6
Intel® Active Management Technology (iAMT) - Overview
FLASH
Operating System
SW Diagnostics/Agents/Applications
LAN Controller
Management Engine
NetworkDriver
Management EngineDriver
= Out-of-band; Active even when System is turned off or OS is down = In Band
SystemDefense
SOAP
HTTPAuthorization
TLS Confidentiality
PHY
OOBCommsFilter
TCP/IP
BIOS
ME Services
HW Sensors &AFSC
NV Memory
Intel AMT Firmware
Intel AMT Private
Intel AMT Public
Intel® Q57/QM57/QS57 Chipsets
7
Intel® Core™ i7/i5 vPro™ ingredient technologies
Processor Chipset Network
Intel® Core™ i7™ vPro (QC)
Intel® Core™ i5™ vPro (DC)
Intel®Express Chipset
Intel® Gigabit Networ
k
Intel® Active Management
Technology 6.0
Intel® Anti-Theft
Technology 2.0
Intel® Virtualization Technology
Intel® Trusted Execution
Technology
• PC protection• Data
Disable • PC Disable• IT-Flexible
Policies, etc
• Local verification
• Remote verification
• Intel® VT-x2 • Intel® VT-d
• KVM Remote Control
• TCP/IPv6 & IPv4• SOL/IDE-R boot
redirect• Boot Control• System Defense• Fast Call for Help
Intel® Centrino®
6000 Series
NEW!
NEW!
NEW!
8
Extensive Hardware and Software SupportIntel® vPro™ Technology
Hardware supportingIntel vPro technology
ASF
Intel® AMT
PCManagement
Options*
Choice Value Chain
Choose Hardware Vendor Choose SoftwareChoose ManagementCapabilities
* Check with your OEM on availability of ASF support.
Software supportingIntel vPro technology
Client Management SuiteDell Client ManagerHP Client Manage
FSC DeskView
Software supporting ASF
Client Management SuiteDell Client ManagerHP Client Manage
FSC DeskView
9
vPro management console ecosystem
Single Management Console
* Other names and brands may be claimed as the property of their respective owners.
Software Vendors
IT Outsourcer
HP OV OOB MC
System Center Configuration Manager
SP1
System Center Essentials& iAMT Pack
Systems ManagementServer 2003 R2
Intel System Defence
Utility
Remote Manageability Functions with Software only-based Management Agent
IT Management Console Or Service Provider
Operating SystemManagement Agent
11
Operating SystemManagement Agent
!
Remote Manageability Usually Cannot Function without Available Software-based Management Agent
Service Interruption PC Powered Off Hard Drive Crash Operating System Failure Virus/Hacker Attack
IT Management Console Or Service Provider
12
Intel® Active Management Technology Out-of –band Management
Copyright © 2006 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel. Leap ahead., the Intel. Leap ahead. logo, vPro, the vPro logo, Centrino, the Centrino logo, Intel Core, Core Inside, Intel SpeedStep, Pentium, Pentium Inside and Celeron are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. *Other names and brands may be claimed as the property of their respective owners.
ManagementConsole SW
OS
LAN Driver
TCP/IP
ManagementAgent
In band (via Software)
out of band
(via Hardware)
13
All new 2010 Intel® Core™ vPro™ Processor Family: Hardware-Based Remote Manageability
Operating SystemManagement Agent
IT Management Console Or Service Provider
13
14
All new 2010 Intel® Core™ vPro™ Processor Family: Hardware-assisted wake-up
IT or Service Provider can remotely power on PCs.
IT Management Console Or Service Provider
15
All new 2010 Intel® Core™ vPro™ Processor Family: Reduce Down Time and Time to Achieve Patch Saturation With Off-Hours Software Updates
IT or Service Provider can provide patch updates remotelywithout interrupting employee productivity. IT Management Console
Or Service Provider
MS Windows 7 deployment speed up with MS SCCM &
Intel vPro
*Other names and brands may be claimed as the property of others
16
All new 2010 Intel® Core™ vPro™ Processor Family: Reduce Energy Costs with Hardware-assisted Remote Shutdown
IT or Service Provider can power off PCs after remote patch updates. IT Management Console
Or Service Provider
17
All new 2010 Intel® Core™ vPro™ Processor Family: Hardware-Based Remote Diagnosis and Repair
IT Management Console Or Service Provider
IT or Service Provider can fix problems and remotely access inoperable PC.
18
All new 2010 Intel® Core™ vPro™ Processor Family8: Disable PCs that are Lost or Stolen
Lost or Stolen PC
8. Intel® Core™ vPro™ processor family includes Intel® Anti-Theft Technology—PC Protection (Intel® AT). No computer system can provide absolute security under all conditions. Intel® Anti-Theft Technology (Intel® AT) requires the computer system to have an Intel® AT-enabled chipset, BIOS, firmware release, software and an Intel AT-capable Service Provider/ISV application and service subscription. The detection (triggers), response (actions), and recovery mechanisms only work after the Intel® AT functionality has been activated and configured. Certain functionality may not be offered by some ISVs or service providers and may not be available in all countries. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof.
IT Management Console Or Service Provider
PC can be disabled remotely:• via poison pill
And PC can be disabled locally:• if they exceed timer limits • if they exceed maximum login
failures
19
Lost or Stolen PC
IT Management Console Or Service Provider
All new 2010 Intel® Core™ vPro™ Processor Family8: Disable PCs that are Lost or Stolen
8. Intel® Core™ vPro™ processor family includes Intel® Anti-Theft Technology—PC Protection (Intel® AT). No computer system can provide absolute security under all conditions. Intel® Anti-Theft Technology (Intel® AT) requires the computer system to have an Intel® AT-enabled chipset, BIOS, firmware release, software and an Intel AT-capable Service Provider/ISV application and service subscription. The detection (triggers), response (actions), and recovery mechanisms only work after the Intel® AT functionality has been activated and configured. Certain functionality may not be offered by some ISVs or service providers and may not be available in all countries. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof.
PC can be disabled remotely:• via poison pill
And PC can be disabled locally:• if they exceed timer limits • if they exceed maximum login
failures
20
Lost or Stolen PC
Hardware-based encryption keys can be disabled or deleted remotely:* via poison pill * if they exceed timer limits * if they exceed maximum login failures
IT Management Console Or Service Provider
8. Intel® Core™ vPro™ processor family includes Intel® Anti-Theft Technology—PC Protection (Intel® AT). No computer system can provide absolute security under all conditions. Intel® Anti-Theft Technology (Intel® AT) requires the computer system to have an Intel® AT-enabled chipset, BIOS, firmware release, software and an Intel AT-capable Service Provider/ISV application and service subscription. The detection (triggers), response (actions), and recovery mechanisms only work after the Intel® AT functionality has been activated and configured. Certain functionality may not be offered by some ISVs or service providers and may not be available in all countries. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof.
All new 2010 Intel® Core™ vPro™ Processor Family8: Disable Data on PCs that are Lost or Stolen
21
iAMT 6.0 – HW KVM Remote Control
New Intel® Core™ i5 vPro™ platform capabilities
• AMT 6.0 – KVM remote control for full Hardware based
(Out-of –Band) GUI diagnostics and repair CKD: Discrete Graphics or
Integrated Graphics
ARD: Discrete Graphics or
Integrated Graphics or
Switchable Graphics
DMIIntel®
FDI
DDR3
Intel® Q57/QM57/QS57 Series ChipsetWith Manageability Engine and Firmware
Management Console
Video displayed at console
Console keyboard & mouse remotely controls client
PC supporting KVM
22
Screen Shot Flow
User’s AMT Machine Management Console
User Consent
Code via Phone
Connected
Synchronized
User Consent displayed by Intel
integrated GfX HW
User Consent displayed by Intel
integrated GfX HW
Connection Icon in Corner + 1px red border around screen During Session
Video Demo – Preview videos online (YouTube & YouTube)
23
PCs with Superior Manageability
Reducing Operational Costs - Results from Atos-Origin, EDS and Siemens Lab Tests
**Source: Improving Asset Inventories and Reducing IT Costs with Intel® vPro™ Technology
*Source: Improving IT Services and Increasing User Uptime withIntel® vPro™ Technology
EDS Lab Evaluation Tests**
Atos-Origin Lab Evaluation Tests*
Asset Inventory :
Hardware Problem: Reduced Deskside Visits
User Productivity : Time to Get Them Back Up
Software Problem :Reduced Deskside Visits
Not in scope
55% reduction
83% reduction
90% reduction
50% reduction
2 hours (reduced from 1 day)
75% reduction
Not measured
Function Tested
95% reduction
50% reduction(speed problem resolution 50%)
95% reduction(Speed OS rebuild 35%)
Siemens Lab Evaluation Tests***
***Source: Siemens Solutions and PC’s with Intel™ vPro™ Technology
Not measured
*Other names and brands may be claimed as the property of others.
24
All new 2010 Intel® Core™ vPro™ Processor Family: PC Refresh Makes Good Business Sense
19 MonthRecoup Investment9
Fast ROI
Intel® Core™ i5processor-based PCs
As low as
9 MonthRecoup Investment9
Faster ROI
Intel® Core™ i5 vPro™ processor-based PCs
As low as
Spend Smart up to
50%REDUCTION OF OPERATIONAL COSTS TO MAINTAIN PCs9
9 “Using Total Cost of Ownership to Determine Optimal PC Refresh Lifecycles”, Wipro Technologies, November 2009. Actual results may vary based on the number of use cases implemented and may not be representative of results that individual businesses may realize.
25
Built on StandardsIntel® AMT technology
IT M
an
ag
em
en
t &
Secu
rity
Need
s
Low
High
ASFUnreliable Protocol (UDP)
Weak AuthenticationNo Encryption
ASFUtilizing Power and
Alerting Features
Ethernet
Internet Protocol (IP)
Transmission ControlProtocol (TCP)
Encryption (SSL)
HTTP
SOAP
XML
OOB (Regardless of System State), Virus Outbreak Protection, Agent Presence, Boot Redirection,
Console Redirection
Power On/Off/Reset, Event Alerting
Intel® vPro™ Technology Upgrades to• Strong Authentication• Standard encryption• Common transmission protocol
Intel® vPro™ Technology Uses• APIs based on web services• APIs are an open specification
ASF Only Intel® AMT technology
26
Intel® vPro® technologyOnline demo
* Internet Access required to start online demo.
http://www.intel.com/business/business-pc/demo/demo.htm?iid=tech_vpro+rhc_technologydemo',752,580
Intel® vPro™ Expert Center
Providing an open dialogue between Intel and the IT community (IT Experts, ISVs, OEMs) on future Intel plans and products.
Using collaboration, knowledge management tools, and training materials to raise the expertise level of the entire IT Community.
Reducing the integration time required to implement Intel® vPro™ Processor Technology in enterprise IT shops and small and medium businesses by sharing best known methods (Discussion Boards & Blogs)
http://www.intel.com/go/vproexpert
28
More information sources• Intel AMT Developer Toolkit: AMT Commander, AMT Switchbox and AMT Outpost
http://softwarecommunity.intel.com/articles/eng/1034.htm• Intel AMT SMS Addon
http://www.intel.com/software/sms-add-on/• Setup & Configuration Service: http://softwarecommunity.intel.com/articles/eng/1025.htm• Intel AMT Software Development Toolkit
http://softwarecommunity.intel.com/articles/eng/1033.htm• Activation CheatSheet & Training
http://communities.intel.com/openport/docs/DOC-1466• vPro On-line Training (Flash)
http://download.intel.com/business/vpro/ActivationClass/main.html• C libraries for low level development Downloads:
Source: http://www.intel.com/cd/ids/developer/asmo-na/eng/321157.htmGuide: http://www.intel.com/cd/ids/developer/asmo-na/eng/321159.htm
• Intel AMT RDKSource http://www.intel.com/cd/ids/developer/asmo-na/eng/321112.htmGuide http://www.intel.com/cd/ids/developer/asmo-na/eng/333401.htm
• Deployment guidehttp://download.intel.com/business/vpro/pdfs/deployment_guide.pdf
• Intel Technology Journal http://www.intel.com/technology/itj/index.htm
• Free management console –Intel® System Defense Utility http://support.intel.com/design/motherbd/software/isdu/index.htm
• Free management console –HP OV Out-of-Band Management Console v7.8https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-271-272%5E9783_4000_100__&jumpid=reg_R1002_USEN
Köszönöm a figyelmet!
29