Intel® Centrino® 2 with vPro™ Technology and
Intel® Core™2 processor with vPro™ Technology
Best for Business:
Manageability and Security on the Chip
1
1.
2.
3.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
2
Legal and Trademark Disclaimers
Intel® vPro™ Technology in 2007 DASH implementation is based on draft DASH 1.0 specifications
Intel® Core™2 Duo processor E6700 when compared to the Intel ® Pentium® D processor 960. Performance measured using SPECint* rate
base2000. Actual performance may vary. Energy efficiency based on Thermal Design Power (TDP) measurement.
ENERGY STAR denotes a system level energy specification, defined by the US Environmental Protection Agency, that relies upon all of the
system's components, including processor, chipset, power supply, HDD, graphics controller and memory to meet the specification. For more
information, see http://www.energystar.gov/index.cfm?fuseaction=find_a_product.showProductGroup&pgw_code=CO
System performance, battery life, power savings, high-definition quality, video playback and functionality, and wireless performance and
functionality will vary depending on your specific operating system, hardware, chipset, connection rate, site conditions, and software
configurations. References to enhanced performance refer to comparisons with previous generation Intel technologies. See
http://www.intel.com/products/centrino/index.htm and http://www.intel.com/performance/mobile/benchmarks.htm for more information on
performance, power savings and energy efficiency.
Intel® Active Management Technology requires the platform to have an Intel® AMT-enabled chipset, network hardware and software, as well as
connection with a power source and a corporate network connection. With regard to notebooks, Intel AMT may not be available or certain
capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. For
more information, see http://www.intel.com/technology/manage/iamt.
Source: IDC's 2007 Commercial PC Survey, Part 2, Doc # 212215, July 2008
Source: “Case Studies with Intel® vPro™ Processor Technology – An Analysis of Early Testing of Intel vPro Processor Technology in Large IT
Departments”, C. La Grand & M. Salamasick, 2007
Source: “Case Studies with Intel® vPro™ Processor Technology – An Analysis of Early Testing of Intel vPro Processor Technology in Large IT
Departments”, C. La Grand & M. Salamasick, 2007
According to studies funded by the US EPA, 90% of PC in commercial settings use computer power management. (See
http://enduse.lbl.gov/info/LBNL-53729_REV.pdf , http://www.energystar.gov/ia/products/power_mgt/North_Thurston_Case_Study.pdf and
http://www.energystar.gov/ia/partners/prod_development/revisions/downloads/computer/ComputerPowerMnmt.pdf.
Source: Businessweek.com: CEO Guide To Green Computing
Source: Gartner’s Top Predictions for IT Organization and Users, 2007 and Beyond
ENERGY STAR denotes a system level energy specification, defined by the US Environmental Protection Agency, that relies upon all of the
system's components, including processor, chipset, power supply, HDD, graphics controller and memory to meet the specification. For more
information, see http://www.energystar.gov/index.cfm?fuseaction=find_a_product.showProductGroup&pgw_code=CO
Measured using SYSmark* 2007 Preview, BAPCo’s latest version of the mainstream office productivity and Internet content creation benchmark
tool used to characterize the performance of the business client, comparing latest generation comparing Intel ® Centrino® 2 processor technologybased notebooks with comparable frequency first generation dual-core Intel Centrino processor technology based notebooks. SYSmark 2007
Preview features user-driven workloads and usage models developed by application experts. Actual performance may vary. See
http://www.intel.com/go/consumerbenchmarks for important additional information.
Lead-free claim: 45nm product is manufactured on a lead-free process. Lead is below 1000 PPM per EU RoHS directive (2002/95/EC, Annex
A). Some EU RoHS exemptions for lead may apply to other components used in the product package.When you make a lead-free claim regarding
Intel products. Halogen-free claim: Applies only to halogenated flame retardants and PVC in components. Halogens are below 900 PPM bromine
and 900 PPM chlorine.
Performance tests/ratings are provided assuming specific computer systems and/or components and reflect the approximate performance of Intel
products as measured by those tests. Any difference in system hardware or software design or configuration may affect actual performance. This
data may vary from other material generated for specific marketing requests.
Notebooks must be plugged in to a power source to be accessible when off.
Soucre: Intel
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
39.
40.
41.
42.
3
Legal and Trademark Disclaimers (Cont’d)
If not using Intel® AMT
Weybridge DASH 1.0 implementation is “pre-standard”
Systems using Client Initiated Remote Access require wired LAN connectivity and may not be available in public hot spots or “click to accept”
locations. For more information on CIRA visit http://www.intel.com/products/centrino2/vpro/index/htm
Gartner, Inc., “Gartner 2006-2007 IT Spending and Staffing survey: North America,” by B. Gomolsky & M. Smith, 5 March 2007
Some HD Audio functionality is dependent on actual implementation, controller, and codec
Dash compliant platforms are not required to support all features
Mobile PC must be plugged into AC power
For a firm with 12,300 notebook PCs with a 3-year refresh cycle
Whitepaper found on intel.com here: http://download.intel.com/products/centrino/pro/centrino_wipro.pdf
Copyright © 2007 Intel Corporation. All rights reserved. Intel, the Intel logo, vPro, the vPro logo, Pentium, and Pentium Inside are trademarks or
registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. *Other names and brands may be claimed as
the property of their respective owners.
Intel® Virtualization Technology requires a computer system with an enabled Intel ® processor, BIOS, virtual machine monitor (VMM) and, for some
uses, certain platform software enabled for it. Functionality, performance or other benefits will vary depending on hardware and software
configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your
application vendor.
Intel processor numbers are not a measure of performance. Processor numbers differentiate features within each processor family, not across
different processor families. See www.intel.com/products/processor_number for details.
vPro SKUs TBD
Enabling Execute Disable Bit functionality requires a PC with a processor with Execute Disable Bit capability and a supporting operating system.
Check with your PC manufacturer on whether your system delivers Execute Disable Bit functionality.
Intel® 64 requires a computer system with a processor, chipset, BIOS, operating system, device drivers and applications enabled for Intel 64.
Processor will not operate (including 32-bit operation) without an Intel 64-enabled BIOS. Performance will vary depending on your hardware and
software configurations. See www.intel.com/technology/64bitextensions/ for more information including details on which processors support Intel
64 or consult with your system vendor for more information.
Intel® Virtualization Technology requires a computer system with an enabled Intel® processor, BIOS, virtual machine monitor (VMM), and for some
uses, certain platform software enabled for it. Functionality, performance, or other benefits will vary depending on hardware and software
configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your
application vendor.
No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology (Intel® TXT) requires a computer
system with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXTcompatible measured launched environment (MLE). The MLE could consist of a virtual machine monitor, an OS or an application. In addition, Intel
TXT requires the system to contain a TPM v1.2, as defined by the Trusted Computing Group and specific software for some uses. For more
information, see http://www.intel.com/technology/security
Requirements to Remote: Intel AMT must be shipped “on” by OEM (by request only), PC on the wire (no wireless), Local management agent factory
installed or loaded over LAN (Intel SCS agent or enabled ISV agent), Network configured for Dynamic IP Mode (DHCP)
Quad-core processor released August 19, 2008
Copyright © 2007 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel. Leap ahead., the Intel. Leap ahead. logo, Intel vPro, the Intel
vPro logo, Centrino, the Centrino logo, Intel Core, Core Inside, Intel SpeedStep, Pentium, Pentium Inside and Celeron are trademarks or registered
trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
* Other names and brands may be claimed as the property of their respective owners.
Agenda
• What is Intel® vPro™
Technology?
• PCs with Intel® vPro™
Technology:
Impact on business
• Get a Handle On
– Risk management
– Keeping the business
running efficiently
– Delivering on green
initiatives and
innovative services
• Proven Technology
– Significant Industry
Momentum
– Ecosystem maturity
4
Great Processor Technologies
with Energy-Efficient Performance
• Multi-task demanding business
applications
• Keep power consumption to a minimum
without sacrificing performance
• Industry-leading performance14 for
today’s software, like visually-demanding
Windows Vista*, with room to grow.
• Faster mobile performance
means fewer delays
• Designed for the longest possible
battery life
• Discover wireless at the speed
of business
5
Made Even Better with Built-in
Manageability and Proactive Security!
• Best for business: security
and manageability on the chip
• Remotely configure, diagnose,
isolate, and repair infected PCs
even if they are off, the OS is
unresponsive, or outside the
corporate firewall22
• Can greatly reduce the cost
of maintaining your PCs
• Built on industry standards
like WS-MAN and DASH*
Best for Business: Intel vPro Technology
6
6
What is Intel® vPro™ Technology?
Processor
Chipset
• Intel® Core™2 Duo processor
Security and Manageability
• Intel® Core™2 Quad
processor
• Manageability Engine6
• Intel® Virtualization
Technology
• Intel® Active Management
Technology6
• Intel® Trusted Execution
Technology
• Non-Volatile Memory
Network
Independent Network
Access
• Intel® Active Management
Technology6
• Intel® Virtualization
Technology
Intel vPro technology: security and manageability on the chip
7
PCs with Intel® vProTM Technology:
Impact on Business
Actual Customer Experiences with Intel vPro Technology
Up to
Up to
Up to
Up to
90% reduction
98% less
25% more
51% ROI
in software-related
desk-side visits
unintended PC
downtime due to
software issues
Power-efficiency
improvement
Value Space
EDS
Advocate Health
Care
Read case study
Read case study
Read case study
Indiana State
Office of
Technology
Read case study
8
View video on YouTube
What Goals Do You Have For Your
Business Computing Needs?
Risk Management
9
Keeping the Business
Running Efficiently
Green Initiatives and
Innovative Services
Risk Management
Are These Issues Keeping
You From Moving Your
Business Forward?
• Users or malicious
software can tamper
with security software
• Days to exploit for PC
security vulnerabilities is
now almost “zero days”
• Today’s remote management
technologies are not secure
• Security software agents
go missing
10
Risk Management
Security and Network Manageability Features Are
Driving Business PC Buying Decisions7
25.5%
Very Signficant
9.0%
60.7%
Somewhat Significant
29.7%
44.8%
Not Significant
30.3%
Security Features Influencing
Notebook IT Buying Decisions
in Large Businesses
11
Network Manageability Features
Influencing Notebook IT Buying
Decisions in Large Businesses
Risk Management
Before Intel® vPro™ Technology
• Weak authentication encryption for
remote wake
Operating System
Application
In-Band
Remote Control
Agent
• Vulnerable security agents due to
user tampering and
software attacks
Compliance
Agent
Security
Agent
• No out-of-band management
without major security exceptions
Processor
Chipset
• Security is software-based
SDN*, & Microsoft
NAP* Credentials
Hardware Platform
These issues slow your business down
12
802.1x, Cisco
Comms
Risk Management
After Intel® vPro™ Technology
• Strong authentication and 128bit
encryption for remote wake
• View the use model
• Security agent presence
monitored by hardware
• View the use model
• Network security credentials available
even if OS is off or down
• View the 802.1x, Cisco SDN* use
model
• Microsoft NAP* use model
• Hardware-based network filters add depth
to software protection
• View the use model
Operating System
Application
In-Band
Remote Control
Agent
Compliance
Agent
Security
Agent
Processor
Chipset
802.1x, Cisco
SDN*, & Microsoft NAP*
Credentials
Comms
Out-of-Band
Remote Control and
Boot Capabilities
Intel vPro technology
Intel ® vPro™ technology:
Security and Manageability on the chip
13
Risk Management
Real Results
Actual customer experiences with Intel® vPro™ technology8
Current
Process
With Intel vPro
technology
Percent
Improvement
71
0.3
99%
Typical inventory accuracy 5,000 PCs
84%
98%
16%
Success rate: Automated hardware
inventory
81%
99%
22%
Current
Process
With Intel vPro
technology
Percent
Improvement
Average # hours to patch 1,000 PCs
64.8
9.2
85%
% of PCs requiring deskside patch
7.5%
2%
73%
Average # hours to achieve saturation
278.4
16.8
94%
Compliance
Time to discover 1,000 PCs onsite (hrs)
Patch Management
Hardware mitigates more risk than software alone
14
Keeping the Business Running Efficiently
Are These Issues Keeping
You From Moving Your
Business Forward?
• Costly deskside visits
• Limited remote capabilities
increasing user downtime
• Manual inventories
15
Keeping the Business Running Efficiently
Before Intel® vPro™ Technology
• Remote management capabilities
unavailable when OS off or down
• Inventory and compliance
processes disrupted by user
intervention and powered
down systems
• Unreliable remote access within
corporate firewall increases deskside visits and user downtime
• End-user notebook PC problems
when outside the corporate firewall
most problematic and costly
Operating System
Application
Remote Control
Agent
SDN* & Microsoft
Compliance
Agent
Security
Agent
Processor
Chipset
NAP* Credentials
Hardware Platform
These issues slow your business down
16
802.1x, Cisco
Comms
Keeping the Business Running Efficiently
After Intel® vPro™ Technology
• Hardware-based management
capabilities enable remote access even
if system is off, OS down or notebook
PC is outside firewall via wired LAN
• View the use model
• View the use model for outside the
corporate fire wall
• Hardware-based remote access and
persistent system information increases
reliability and speed of inventory audit
• View the use model
• Reduced need for desk-side
visits decreases costs and
user downtime
Operating System
Application
Remote Control
Agent
Compliance
Agent
Security
Agent
Processor
Chipset
802.1x, Cisco
SDN* & Microsoft NAP*
Credentials
Comms
Remote Control &
Boot Capabilities
Intel vPro technology
Intel ® vPro™ technology:
security and manageability on the chip
17
Keeping the Business Running Efficiently
Real Results
Actual customer experiences with Intel® vPro™ technology9
Current
Process
With Intel vPro
technology
Percent
Improvement
Deskside visits for software fix
1.64
0.14
91%
Deskside visits for hardware fix
2.29
1
55%
User downtime (hours), software issue
– remote resolution
16
0.31
98%
User downtime (hours), hardware
issues – remote resolution
48
16
66%
Total Cost of Ownership
Inventory and update quickly, reliably, and securely,
all without leaving your desk
18
Green Initiatives and
Innovative Services
• Corporate demands
for energy efficiencies
• Ability to handle nextgeneration software
and use models
19
Green Initiatives and Innovative Services
Energy Efficiency
Advance corporate initiatives with Intel® vPro™ technology
• “By 2010, about half of the Forbes Global 2000 companies
will spend more on energy than on hardware such as servers.
Energy costs, now about 10% of the average IT budget, could rise
to 50% in a matter of years.”12 Rakesh Kumar, Gartner Analyst
• Current IT processes are not power efficient
– 90% of desktops have power management disabled10
– Many customers leave PCs running 24x7 to enable off-hours software
updates11
• Secure, reliable power-on and power-off capabilities in Intel vPro
technology can significantly reduce power consumption
– View the use model
Intel® vPro™ technology can help meet your corporate
energy- efficiency demands
20
Green Initiatives and Innovative Services
Eco-Innovation
Improved energy efficient performance and environmental
sustainability
• PCs use significantly less power consumption when in idle mode
– The latest Intel® Centrino® 2 with vPro™ technology is up to 30% faster
when multitasking14, enabling the notebook to get to a lower power state
sooner, reducing total energy consumption
– Latest Intel Centrino 2 with vPro technology or Intel® Core™2 processor
with vProTM technology enable better component average power than
any previous generation
• Enables PCs to meet latest Energy Star* requirements13
• Designed with halogen-free and lead-free manufacturing15
Intel® vPro™ technology can help meet your corporate energy
efficiency and environmental demands
21
Green Initiatives and Innovative Services
Energy Savings from Desktop to Mobile
Estimated Annual Energy Consumption16
KWh Consumed per Year
(lower is better)
1,200
1,000
800
Going Mobile
Going Green
600
400
>17x Reduction
200
0
Unmanaged
Pentium® D
Processor 945 with
CRT display
Unmanaged
Pentium® D
Processor 945 with
LCD display
Unmanaged CoreTM2
Duo E6550 with
LCD display
Managed CoreTM2
Duo E6550 with
LCD display
Managed CoreTM2
Duo T7700 mobile
platform
For system configuration details, please see Appendix
22
Green Initiatives and Innovative Services
Utilizing Virtualization for Your Business
Virtual
Machine A
Virtual
Machine B
Virtual
Machine A
Virtual
Machine B
Virtual
Machine A
Virtual
Machine B
Legacy Apps
New Apps
Windows XP*
or Windows
2000*
Windows
Vista*
Standard
Security Level
Restricted
Security
Level
User
Environment
IT Service
Container
Windows Vista*
Migration
Streamed OS
Streamed App
Protected Environments
for Sensitive Data
Virtual Dynamic Client
with Streamed IT Services
Intel® vPro™ technology with Intel ® Virtualization Technology
supports emerging virtualization models
23
Proven Technology
– Significant Industry Momentum
– Ecosystem Maturity
24
Proven Technology
Building on Intel® vPro™ Technology Success
Yearly Intel vPro™ Technology Shipments18
Million Units
25
20
15
10
5
0
2006
Desktop vPro
•
25
2007
2008
Notebook vPro
• Adopted by:18
– 60% of US Fortune 100
companies
– 54% of worldwide Global 100
companies
– All vertical segments including
financial, health, education,
government, and retail
businesses
– Widely deployed with small and
medium businesses
Supported by:18
– 80+ ISV consoles worldwide
– 5,000 active Intel channel partners buying Intel vPro technology-boards
– Over 6,000 Managed Service Providers have access to Intel vPro
technology enabled tools
– Dozens of service providers and outsourcers worldwide
Proven Technology
Intel vPro technology
Industry momentum examples
• Leading software vendors supporting Intel vPro technology (view
YouTube video by clicking on link)
– Native Intel vPro technology in Microsoft System Center Configuration
Manager 2007 SP1*
– Altiris Client Management Suite*with Intel vPro technology support
– Symantec BackUp Exec Recovery System* supports Intel vPro technology
• Enterprises are taking advantage of Intel vPro technology (view
YouTube video by clicking on link)
– EDS
– Sisters of Mercy Health System
– Bank of New York-Mellon
• Read Gartner Report: “Revisiting Intel® vPro™ Technology for
Corporate Purchases”
26
Summary
• Intel® vPro™ technology: Best for business with security and
manageability on the chip
• Hardware mitigates more risk than software alone and helps
run the business more efficiently
• Intel vPro technology enables you to meet your Green IT
initiatives and innovate
• Intel vPro technology is proven technology that hundreds of
enterprises are taking advantage of today
27
28
Back Up
• Intel® vPro™ technology
• Use models
• Green initiatives and Innovative Services
• WS-MAN and DASH info
• Intel vPro technology vs. previous generations
• Intel vPro technology Ice-Breaker Videos
• Intel vPro technology Case Studies and Return on Investment
• Intel® Stable Image Platform Program
29
Risk Management
Encrypted, Remote Power-On and Update
Push security updates to PCs even if they are powered off
1
IT Management Console reviews agent software
report in management database for client DAT
version to identify clients requiring update
Unique encrypted power-on command
issued by IT console
Virus DAT file on PC updated
and rebooted if necessary
Encrypted power-off command sent to PC
IT Management Console
2
3
4
Network
• Encrypted, remote deployment of patches without user interruption
• Reduced time required to deploy patches, reduced vulnerability
30
Return to
previous slide
Risk Management
Agent Presence Checking
Keep agents operating correctly17
IT management console repairs
non-working management agent
3
YES
NO
Agent Present?
1
YES
NO
4
PC alerts IT console that management
agent is missing or non-functioning
Security Agent
Agent Present?

 
IT Management Console
®
Intel
Intel
Intel®®
17
11
AMT
AMT
AMT
(((
Mgmt. Agent
(((
Management
or security
agent is
continuously
checking in with
Intel® vPro™
technology
2
Management agent fails
to check in
Network
Ensure more accurate PC asset inventory
31
Return to
previous slide
Risk Management
802.1x and Cisco SDN* Network
No need to lower network security for OSabsent management17
Router
2
Console request OS
absent management
session
802.1x and Cisco
SDN* credentials
presented from
nonvolatile
memory
3
Network
Maintain full network security
32
1
Router authenticates
credentials, credentials
verified, target PC admitted
to secure network
Console proceeds
with management
activity
Return to
previous slide
IT Management Console
4
Intel® vPro™ Technology Supported
within Microsoft NAP Framework
Health
Statements
Network
Access Decision
Network
Access
Requests
Intel® AMT
System Health Validator
Intel® AMT
System Health Agent
Network Access
Devices and Servers
SDN Agent
Enforcement Client
Clients
33
SDN Admin Server
Enforcement Server
Network Policy Server
Return to
previous slide
Risk Management
Enhanced System Defense Filters
Time-Based Filtering with Intel® vPro™ technology
Solution
• Step 1: Management console sets Intel® AMT filters thresholds (time window and # IP
connections)20
• Step 2: Client gets infected and begins worm propagation
A. Filter thresholds are tripped and network connectivity is disabled at client
B. An alert is sent to management console
• Step 3: System is cleaned and allowed onto network
Operating System
SW Agents
Intel®
PRO/1000
LAN
Management
Console
Corporate
Network
Intel®
Express Chipset
® Core™2
® Core™2
Intel
Intel
Duo
Processor
Processor
(CPU)
(CPU)
= System Off
34
Return to
previous slide
(G)MCH
DDR2
Manageability
Engine
DDR2
Embedded
Trust Agent
ICH-DO
Filters
Sensors
MAC
= System On
Filter Logs
ALERT
Time
FLASH
BIOS
NVM
= “Out-of-band”
Risk Management
WS-MAN and DASH Deliver More
Flexible, Secure, Consistent
Management Standards
• Intel continues 15 years of leadership on manageability
standards with co-authorship of WS-MAN and DASH
• WS-MAN versus ASF 2.0:
• More flexible and extensible with modular web services
architecture
• More secure, encrypted communications channel between
management console and client
• DASH 1.0 versus previous “inside the PC” implementation:
• Governs “inside the PC” execution of WS-MAN commands; An
equivalent standard did not exist previously
• Standardized profiles and execution protocols that describe
specific, consistent implementation
• DMTF compliance testing assures adherence to standard
35
Risk Management
Management Has Two Domains
Management console
PC Client
Chipset
LAN
Management
commands
Firmware
BIOS, Etc.
Domain #1
Console-to-Client Protocol
Describes functions and
command structures between
the console and the client over
the network
WS-MAN will eventually replace
ASF in this domain
Domain #2
Internal Execution Protocol
DASH 1.0 governs “inside the PC”
execution of WS-MAN commands while
an equivalent standard did not exist
previously.
These are standardized profiles &
execution protocols that describe
specific, consistent iplementation.
DMTF working to define compliance
testing that will ensure adherence to
standard.
36
Risk Management
How the Standards Fit – Before and After
Management console
PC Client
Management
commands
Chipset
LAN
Firmware
BIOS, Etc.
Typical
PC
and
37
Console-to-Client Protocol
Internal Execution Protocol
Before
ASF 2.0
No standard
After
WS-MAN
+ ASF Legacy support
2006 vPro and
2007 Centrino®
vPro
Intel® AMT
or ASF 2.020
2007 vProTM
and 2008
Centrino2
vPro
WS-MAN
+ Intel AMT, ASF Legacy support
DASH 1.0 execution protocols
Intel® AMT
DASH 1.0 execution protocols21
+ Intel AMT protocols for features
not defined by DASH
Keeping the Business Running Efficiently
Remote Diagnostics and Repair
Diagnose, reboot, and repair PCs down-the-wire
Desktop PCs with Intel®
vPro™ technology
1
2
PC unable to boot
IT Management Console
PC sends an alert
PC remotely rebooted from standard
image on management server
3
4
Technician diagnoses problem
and repairs issue as appropriate
(remote SW update, local HW install)
Network
• Reduce the number of desk-side visits
• Rapid response gets users up and running quickly
38
Return to
previous slide
Keeping the Business Running Efficiently
Secure, Remote Manageability and Support
Outside Corporate Firewall via Wired LAN22
vPro enabled
gateway
End-User
Firewall
Management
Console
Firewall
Who is likely to use business notebook PC secure communication
outside the corporate firewall?
• Notebooks located outside of the enterprise firewall on a home or open
network
• Small medium businesses remote notebook PCs at other locations without
an onsite proxy server or management appliance
• Managed by Small Medium Business or Managed Service Provider
New Intel® Centrino® 2 with vPro technology can securely
communicate outside corporate firewall via wired LAN
39
Return to
previous slide
Keeping the Business Running Efficiently
Hardware and Software Inventory
Accurately inventory hardware and software assets
IT Management Console
IT console polls PC for hardware IDs and
software versions regardless of power state
1
2
PC reports hardware IDs
and software versions
HARDWARE
SOFTWARE
Hard drive: Make, Model
Virus SW: Version
Memory: Size, Speed
Management SW: Version
CPU: Type, GHz
OS: Version
Network
• Faster, more accurate than manual audits
• Assist with upgrade planning, lifecycle management and government
regulations
• Save money on license fees with accurate software inventories
40
Return to
previous slide
Green Initiatives and Innovative Services
Increased Energy Efficiency
Save valuable energy with the use of energy management
policy software and Intel® vPro™ technology
IT console sets Energy
Management Policy with agent
System powered down when
inactive, based on policy
Enterprise
Energy
Management
Agent
System can be reliably activated
for maintenance via secure
management channel
Energy Management Agent
protected via agent presence
monitor
1
IT Management Console
2
3
4
Network
• Enterprise policy centrally managed and tamper resistant
• Agent can report energy usage and savings back to console
41
Return to
previous slide
Green Initiatives and Innovative Services
Making More Resources Available
for Innovation23
Costs: 11% Go Toward Innovation…
…89% for Maintenance
11%
Innovation
89%
Maintenance
42
Intel® vPro™ technology frees up
resources by aiding improvement
in service-level management and
security while keeping your
business running efficiently,
allowing you to spend more time
on innovations.
Green Initiatives and Innovative Services
Intel® Trusted Execution Technology
(Intel® TXT) with Intel® Virtualization
Technology (Intel® VT)
Virtual
Machine A
Virtual
Machine A
Apps and OS
Apps and OS

Hardware-based root of trust enables launch of
Virtual Machine Monitor into a known, expected
state. Changes to VMM can be detected via
hash-based measurements.

Intel® VT and Intel® VT for Directed I/O restrict
unauthorized software and hardware memory
access across virtual machines, enforcing
strong isolation.

Hardware-enforced removal of residual data at
virtual machine shutdown, protecting data from
memory snooping software.
Virtual Machine Monitor
Intel® Virtualization
Technology
Trusted Platform
Module v1.2
Intel® Authenticated
BIOS code modules
43
Green Initiatives and Innovative Services
PCs with Intel® vPro™ Technology
Windows Vista*
and
A winning combination to move your business forward25
• Create a more secure platform
– Intel® vPro™ technology’s system defense and agent presence checking combined
with the improved security for viruses and malware in Windows Vista*
– Better patching by finding all of your PCs down the wire, even if they are off or OS
inoperable
– OS-level network access protection, BitLocker* Drive Encryption
• Outstanding performance for multitasking business world
– Faster multi-core performance means fewer frustrating lags and delays with
Windows Vista
– Intel integrated graphics powerful enough for Windows Vista with full Aero* graphics
support without the expense of an external graphics card
• Faster Time to Fix
– Better crash protection and recovery techniques in Windows Vista*
– Secure, encrypted remote diagnostics and repair even if off or OS inoperable
44
Appendix
System information for “Energy Savings from Desktop to Mobile” slide
• Intel Core 2 Duo processor E6550 (2.33GHz, 1333MHz FSB, 4MB L2 Cache), Intel ® DQ35JO
motherboard with Intel® Q35 Express chipset; 1333MHz FSB, Intel integrated graphics,
2x1GB Micron* DDR2-667 5-5-5-15, Seagate* 320GB/16MB cache/7200rpm, Windows*
Vista* Enterprise
• Intel Pentium D Processor 945 (3.4GHz, 800MHz FSB, 2x2MB L2 Cache), with Intel 945G
Chipset on Intel D945GPM board, Intel Chipset Software Installation File 8.1.1.1010, Dual
Channel Micron* PC2-5300U 2x1GB of DDR2 667 5-5-5-15, Seagate* Barracuda*
320GB NCQ SATA2 7200RPM, Windows* Vista* Ultimate RTM Build 6000 NTFS
• ACER 5720 Intel Core 2 Duo T7700 (2400MHz/800FSB L2 4MB) with Integrated
Graphic,2x1GB Hynix DDR2-667, Hitachi 160GB 5,400rpm HDD
• Display power draw values gathered from spec sheets of 10 models of each type of display
(CRT and LCD)
• Energy Cost: 7.705 cents/KWh, which is the U.S. average for industrial and commercial
customers as of June, 2007. Source: U.S. Department of Energy,
http://www.eia.doe.gov/cneaf/electricity/epm/table5_6_a.html
• Intel EEP methodology is described here: http://www.intelcapabilitiesforum.net/EEP/
• Performance tests/ratings are provided assuming specific computer systems and/or
components and reflect the approximate performance of Intel products as measured by
those tests. Any difference in system hardware or software design or configuration may
affect actual performance. This data may vary from other material generated for specific
marketing requests
45
Intel® vPro™ technology use cases and capabilities
AC-powered wired or
Battery-powered
wireless notebook or
wired or wireless notebook
wired desktop
ASLEEP
(Sx)
PROPERLY
AWAKE,
BUT
OS
UNRESPONSIVE
YES
YES
YESa
N/A
YESa
YES
YES
YESa
N/A
YES*
YESa
YES
YES*
YESa
N/A
YES
YESa
YES
YES
YESa
N/A
YES*
YESa
N/A
YES*
YESa
N/A
YES
YESa
N/A
YES
YESa
N/A
YES*
N/A
N/A
YES*
N/A
N/A
YESb
N/A
YESb
N/A
ASLEEP
(Sx)
PROPERLY
AWAKE,
BUT
OS
UNRESPONSIVE
YES
YESa
YES
AWAKE, OS
USAGES
USE CASES
Remote power up / power cycle
Remote diagnosis
and repair
Remote hardware/software asset
tracking
Encrypted, remote software
update
Agent presence checking and
alerting
System isolation and recovery
Remote configuration
Secure tunnel for communication
outside corporate firewallb
46
IT resets PC to clean state (or powers
up PC for servicing). Use power
management to reduce energy costs.
IT diagnoses remotely via out-of-band
event log, remote/redirected boot, and
console redirection.
Take a hardware and software
inventory regardless of OS or power
state.
Third-party application
discovers/updates antivirus engines
and signatures.
Ensure critical applications are
running.
Automated or manual policy-based
protection against virus outbreaks.
Configure and provision PCs without a
deskside visit
Remote repair and maintenance
support for systems outside the
firewall
WORKS
YESb
notebook only
notebook only
AWAKE, OS
WORKS
YESb
notebook only
notebook only
*Also available in presence of host OS-based VPN
a
Requires WPA or WPA2/802.11i security and Controller Link 1 for wireless operation when user OS is down.
b
Systems using Client Initiated Remote Access (CIRA) require wired LAN connectivity and may not be available in public hot spots
or “click to accept” locations. For more information on CIRA visit, www.intel.com/products/centrino2/vpro/index.htm. Only supported
by the latest notebooks with Intel vPro technology.
Intel® vPro™ technology in the Environment in 2008
Intel Product Name
Intel Codename
Intel® Core™2 processor
with vPro™ technology
Intel®
Intel®
Core™2
Intel® Centrino® with vPro™
Centrino® 2
processor
technology
with vPro™
with vPro™
technology
technology
Averill
Averill
Santa Rosa
Santa Rosa R
Weybridge
Montevina
AMT 2.0
AMT 2.2
HP
AMT 2.5
AMT 2.6
HP, D, L, T
AMT 3.0
AMT 4.0
Dash28 1.0
Dash28 1.1
Boot Control
X
X
X
X
X
X
X
X
Power State Management
X
X
X
X
X
X
X
X
HW Inventory
X
X
X
X
X
X
X
X
SW Inventory
X
X
X
X
X
X
X
X
HW Alerting
X
X
X
X
X
X
X
X
Serial Over LAN
X
X
X
X
X
X
X
IDE Redirect
X
X
X
X
X
X
X
Non Volatile Memory
X
X
X
X
X
X
X
Agent Presence
X
X
X
X
X
X
System Defense Filters
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Intel® Active Management Technology
Version
ME Wake on LAN
Cisco NAC
Remote Configuration
X
Host VPN for Intel AMT
X
X
X
Audit Logs
Wireless Mgmt in Sleep
X
States27
X
Microsoft NAP
X
Client Initiated Remote Access
X
Enhanced system defense filters
47
X
48
Processor
Networking
Mobile Intel® 45 Express Chipset with
ICH9M-Enhanced supporting Intel® Active
Management Technology v4.0
• Intel® 82567LM Gigabit Network Connection –
Digital Office supporting Intel AMT and LAN
drivers
• Intel® WiMAX/WiFi Link 5050 series 3x3 or 1x2
or Intel® WiFi Link 5000 series 3x3 or 1x2 AGN,
supporting Intel AMT and WLAN drivers
Firmware
and BIOS
45nm Intel® Core™2 processors with Intel®
Virtualization Technology and Intel® Trusted
Execution Technology
Chipset
Intel® Centrino® 2 with vPro™
Technology
• Trusted Platform Module 1.2
• Intel AMT 4.0 Firmware
• Intel VT-x, VT-d, Intel TXT, Intel AMT 4.0, TPM
1.2 capable BIOS*
*Optional to be turned on
Intel® Centrino® 2 with vPro™ Technology
Improvement On All Mobility Vectors
Extending
Leadership
1.9X
improvement
in 3DMark*
Performance
over Intel®
GM965
Lower Average
CPU Power
0.8W
Battery life to
watch a full
Blu-ray* movie
Beautiful Thin
Systems with
25W CPU
Improved
Connectivity
up to
450Mbps
Optional WiMAX
available 2H
2008
Improved for
Enterprises and
SMB
New
out-of-band
wireless
manageability
and
user-initiated
secure tunnel
49
Processor
Intel® Q35 Express Chipset with ICH9-DO
Firmware
and BIOS
Networking
& Security
Intel® Core™2 Duo and Core™2 Quad
processor family with Intel® Virtualization
Technology and Intel® Trusted Execution
Technology
Chipset
Intel® CoreTM2 processor with vPro™
Technology
Intel® 82566DM Gigabit Platform LAN Connect
Trusted Platform Module (TPM) 1.2
Intel® VT + Intel® VT for Directed I/O, Intel® Trusted
Execution Technology (Intel® TXT), Intel TPM 1.2 capable
BIOS*
Intel® AMT release 3.0 firmware
*Optional to be turned on
50
Ice Breaker Videos
•So You Want To Be an IT Superhero …
•The “v” in Intel® vPro™ Technology
•Best Intel® vPro™ Technology Acronyms
•IT Utopia: What Does It Mean To You?
•Intel® vPro™ Technology Challenge
51
So You Want To Be an IT Superhero …
52
Return to
previous slide
The “v” in Intel® vPro™ Technology
53
Return to
previous slide
Best Intel® vPro™ Technology Acronyms
54
Return to
previous slide
IT Utopia: What Does It Mean To You?
55
Return to
previous slide
Intel® vPro™ Technology Challenge
56
Return to
previous slide
Leading Intel vPro technology
Case Study Library
•
•
•
•
57
EDS
State of Indiana
Valueclick
Advocate Health Care
EDS
Case Study Summary
• Challenge
– Excessive desk side visits for remote call centers
– Disorganized asset management
• Solution
– Enhance and extend remote management capabilities of desktops
and notebooks
– Initial deployment of Intel® vPro™ technology in a call center
demonstrated measurable opportunities and improvements
• Result/Benefit
– 3X return on investment by the end of the third year
– Up to 25% improvement in power efficiency
– Estimated positive ROI of 296% over 3 years
• Read the Case Study:
http://www.intel.com/references/pdfs/EDS_Case_Study.pdf
58
State of Indiana
Case Study Summary
• Challenge
– Improve the customer experience; slow systems and
frequent downtime kept users offline
– Slash support costs; aging PC fleet complexity drove costs
up
• Solution
– Refresh the PC base with Intel® vPro™ technology
– Call on the experts to redo PC manageability processes
• Result/Benefit
– Savings of $400,000 in IT efficiencies annually
– Energy savings of $400,000 annually
– Reduction of 856,000 Pounds of Carbon Dioxide Emissions
through Remote Services & Off-Hours Power Management
• Read the Case Study:
http://www.intel.com/references/pdfs/Intel_ESS_State_of_In
diana_LR.pdf
59
ValueSpace
Case Study Summary
• Challenge
– ValueSpace, an iCafe franchise headquartered in South Korea, wanted to
identify the positive ROI offered and potential revenue gains realized by
deploying PCs with Intel® vPro™ technology.
– The iCafes operate 24/7 with no “off-hours.”
• Solution
– Deploy 2,500 PCs with Intel vPro technology
• Result/Benefit
– Positive ROI across 5 years of 259% through improved support for remote
hardware diagnostics, and software problem diagnosis and repair.
– Break-even point achieved in 1.5 years.
– Projected savings for the franchise of over $1M in IT help-desk costs over
5 years.
– Projected revenue gains for iCafe owners of over $300,000 over 5 years.
• Read the Case Study:
http://communities.intel.com/servlet/JiveServlet/previewBody/1642-102-12010/ValueSpace_ROI_final_319989-001US.pdf
60
Advocate Health Care
Case Study Summary
• Challenge
– Excessive downtime of health professionals & spiraling repair costs
– Disorganized asset management and need to improve PC patch
management
• Solution
– Evaluate multiple ways in which using PCs with Intel® vPro™
technology to reduce downtime, improve asset management and
enhance security
• Result/Benefit
– Dramatically reduce the time and costs of conducting asset
inventories, updating systems, and managing antivirus agents
– Net savings of approximately $321,000 over four years for PC
support and IT operations
• Read the Case Study:
http://www.intel.com/references/pdfs/Intel_ISS_Advocate_CS_HR.pdf
61
Keeping the Business Running Efficiently
Significant Return On Investment (ROI)
Payback time of 15 mo., $142.75 per PC per year
27&28
Payback in 15 months for average
company with 12,300 notebooks
Assumes $360K implementation cost and
cost adder for new technology
Savings / PC / Yr
Minor app / SW update reduction in
deployment failure rate
$50.71
Helpdesk cost reduction
$34.44
Manual HW malfunction resolution
$17.18
Manual SW malfunction resolution
$16.14
Major app deployment cost reduction
$12.36
Mobile PC audit failure reduction
$7.00
Other
$4.92
Total
62
$142.75
Keeping the Business Running Efficiently
Estimate Your Own Savings with the
Intel® vPro™ Technology ROI Estimator
• Based on 41 businesses with
1000+ PCs from N. America
and Europe
• Adjustable inputs
• Savings and Cost Difference
output via table and graph
63
Visit
http://intel.com/go/vproestimator
Keeping the Business Running Efficiently
2007 Intel® SIPP Requirements & Transition Calendar for
Desktop31
• Option 1: Business Desktop PCs based on Intel® vPro™
Processor Technology
– Intel® Core™2 Duo processor E6x50 sequence with Intel® Virtualization
Technology and Intel® Trusted Execution Technology
– Intel® Q35 Express chipset w/ICH9-DO
– Intel® 82566DM Gigabit Network Connection
– Intel® Graphics Media Accelerator 3100,
driver production version 14.29 (Windows XP*)/15.4
(Windows Vista*) or higher
– Wired LAN reference drivers, 9.8.20.0 for Windows XP* & 7.5.5 for Linux*
– Intel® Stable Image Technology enabled in BIOS
• Option 2: Business Desktop PCs based on Intel®
Core™2 Duo Processor E6X50 series and Intel® Q33
Express Chipset
–
–
–
–
–
–
Intel® Core™2 Duo processor E6x50 sequence and 6540
Intel® Q33 Express chipset w/ICH9, ICH9R
Intel® 82566DM Gigabit Network Connection
Intel® Graphics Media Accelerator 3100,
driver production version 14.29 (Windows XP*)/
15.4 (Windows Vista*) or higher
Wired LAN reference drivers, 9.8.20.0 for
Windows XP* & 7.5.5 for Linux*
Intel® Stable Image Technology enabled in BIOS
• Option 3: Business Desktop PCs based on Intel® Core™2 Duo
Processor E6X50 series and Q35 Express Chipset
(Not vPro branded)
–
–
–
–
Intel® Core™2 Duo processor E6x50 sequence and 6540
Intel® Q35 Express chipset w/ICH9-DO, ICH9R, ICH9
Intel® 82566DM Gigabit Network Connection
Intel® Graphics Media Accelerator 3100, driver production
version 14.29 (Windows XP*)/15.4 (Windows Vista*) or higher
– Wired LAN reference drivers, 9.8.20.0 for Windows XP* & 7.5.5 for Linux*
– Intel® Stable Image Technology enabled in BIOS
2006
Q3’06
Qual
Q4’06
Q1’07
Q2’07
Q3’07
Q4’07
Q1’08
MAY
Q2’08
Q3’08
Deploy 2006 Intel® SIPP Platform
Qual
64
2008
2007
Deploy 2007 Intel® SIPP Platform
Keeping the Business Running Efficiently
2008 Intel® SIPP Requirements & Transition Calendar for Notebooks
Professional Business Platform
Fundamental Business Platform
Centrino® 2 with vProTM technology
Centrino® 2 processor technology
•
•
Intel® Core™2 Quad, Intel® Core™2 Duo:
T9600, T9400, P9500, P8600, P8400, SP9400,
SP9300, SL9400, SL9300, SU9400, SU93001
•
Mobile Intel® GM or PM 4 Series Express
Chipsets with ICH9M Enhanced or Mobile Intel®
GS 4 Series Express Chipsets with ICH9M-SFFEnhanced
Intel® 82567LM Gigabit Network Connection
Intel® WiFi or WiMAX/WiFi Link 5000 series
Intel® Stable Image Technology enabled in
BIOS
•
•
Intel® Core™2 Quad, Intel® Core™2 Duo:
T9600, T9400, P9500, P8600, P8400, SP9400,
SP9300, SL9400, SL9300, SU9400, SU93001
Mobile Intel® GM or PM 4 Series Express
Chipsets with ICH9M Enhanced or Mobile Intel®
GS 4 Series Express Chipsets with ICH9M-SFFEnhanced
Intel® 82567LM Gigabit Network Connection
•
•
•
•
•
Intel® WiFi or WiMAX/WiFi Link 5000 series
Intel-optimized advanced management &
security solutions with Intel® AMT3 v4.0, Intel®
Virtual Technology2 (VT-x, VT-d) & Intel®
Trusted Execution Technology
•
Intel® Stable Image Technology enabled in BIOS
2008
Q3’08
Qual
65
2009
Q4’08
Deploy 2008
Q1’9
Intel®
Q2’09
Q3’09
Notebook SIPP Platform
MAY
Keeping the Business Running Efficiently
Intel® vPro™ Expert Center
•Providing an open dialogue
between Intel and the IT
community
•Using collaboration,
knowledge management
tools, and training materials
to raise the expertise level of
the entire IT Community
www.intel.com/go/vproexpert
66
•Reducing the integration
time required to implement
Intel® vPro™ technology in
enterprise IT shops and small
and medium businesses