Cisco and Intel join forces for remote client management

Rupert Goodwins in San Francisco ZDNet.co.uk

Published: 25 Aug 2005 13:25 BST

With security consistently clocking in as the number one IT concern for companies, Intel and Cisco have used the autumn 2005 Intel Developer Forum to cement their alliance as providers of enterprise-level comfort to harassed IT managers.

The two companies announced on Wednesday they would work closely together on developing and deploying their two major management schemes — Intel's Active Management Technology (AMT) and Cisco's Network Admission Control (NAC) — as ways to secure networks against internal and external threats.

"Ninety-seven percent of American enterprises use perimeter firewalls," said Hormuzd Khosravi of Intel's Communications Technology lab, "and 72 percent have intrusion-detection systems. But 55 percent have been attacked by worms or viruses and 95 percent have been penetrated from within. Best efforts aren't good enough."

Intel's AMT is a combination of hardware and software that is closely coupled with the company's gigabit Ethernet technology. Essentially, AMT is a tiny self-contained network-enabled computer with a complete HTTP server that can be operated remotely, needing only an Ethernet connection and power — the rest of the host can be fully running, quiescent or crashed. When the host is running, software on it can talk to the AMT system and respond to requests or provide services.

AMT monitors a system; maintains lists of installed hardware and software; keeps an event log; and can even be used to remotely load and run a new operating system at roughly the speed of a 7X CD-ROM drive. It cannot be disabled or tampered with by the user, short of full mechanical disconnection from the network, nor can it be attacked by malevolent software. "AMT can discover problems, remotely heal them without incurring an expensive desk visit and protect against further problems," said Khosravi.

Cisco's NAC framework is far more network-centric. It focuses on identifying and controlling client access on a network, granting different levels of access according to centrally decided policies. An individual computer can be checked for the right level of patches, for example, and be gradually isolated from resources if its owner doesn't keep it up to date over time. "What's significant to the enterprise is that it can react quickly to a new threat," said Dan DeLiberato of Cisco's Security Technology Group. "With this, you can easily program into the policy side that people must have a component in order to connect, pushing people into a quarantined network gradually until they fix their problems."

When used together, AMT can provide an indicator of health for NAC policy decisions. NAC's own security can be used in turn to authenticate the AMT system on a host, checking that any cryptographic requirements are present before allowing AMT action.

"AMT is a very powerful tool, so you need to be responsible about using it," said DeLiberato, "using NAC to make sure, for example, that you've got TLS [Transport Layer Security, an encrypted transmission system] on the client to guarantee its integrity. You can set and enforce policies that reinforce the effectiveness of AMT."
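The combined flow described above (an AMT-style health report feeding a NAC admission decision, with the AMT channel itself authenticated first and non-compliant hosts isolated in stages) can be sketched as a toy policy engine. This is an added illustration, not Intel's or Cisco's code; the patch-level threshold, the escalation schedule, the `HealthReport` fields and the sample hosts are all constructed assumptions.

```python
"""Toy NAC admission policy driven by AMT-style health reports (constructed example)."""
from dataclasses import dataclass

# Assumed policy values; real deployments would take these from central policy.
REQUIRED_PATCH_LEVEL = 12
# Graded isolation: days out of date at which each access tier starts to apply.
ESCALATION = [(0, "full"), (1, "restricted"), (7, "remediation-only"), (14, "quarantine")]


@dataclass(frozen=True)
class HealthReport:
    host: str
    amt_authenticated: bool   # NAC verified the AMT endpoint (TLS, credentials) before trusting it
    patch_level: int          # patch level reported by AMT's hardware/software inventory
    days_out_of_date: int     # how long the host has been below the required level


def tier_for_lag(days: int) -> str:
    """Pick the most restrictive tier whose threshold the lag has reached."""
    tier = "quarantine"
    for threshold, name in ESCALATION:
        if days >= threshold:
            tier = name
    return tier


def admission_decision(report: HealthReport) -> tuple[str, str]:
    """Return (access tier, reason). Unauthenticated AMT data is treated as unknown."""
    if not report.amt_authenticated:
        return "quarantine", "AMT health report not authenticated; host state unknown"
    if report.patch_level >= REQUIRED_PATCH_LEVEL:
        return "full", "compliant"
    reason = f"patch level {report.patch_level} < required {REQUIRED_PATCH_LEVEL}"
    return tier_for_lag(report.days_out_of_date), reason


def decide_all(reports: list[HealthReport]) -> dict[str, str]:
    """Map each host to its access tier."""
    return {r.host: admission_decision(r)[0] for r in reports}


# Constructed sample hosts: compliant, newly lagging, lagging a week, a month, and unverified.
SAMPLE_REPORTS = [
    HealthReport("ws-01", True, 12, 0),
    HealthReport("ws-02", True, 10, 2),
    HealthReport("ws-03", True, 9, 9),
    HealthReport("ws-04", True, 8, 30),
    HealthReport("ws-05", False, 12, 0),
]

if __name__ == "__main__":
    for r in SAMPLE_REPORTS:
        tier, why = admission_decision(r)
        print(f"{r.host}: {tier} ({why})")
```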

AMT is currently limited by its physical requirements. It must be present on the system's motherboard, as it needs signals that are not available via standard expansion buses, and it is tightly coupled to aspects of Intel's chip set architecture. AMT also doesn't have native VPN capabilities, so some aspects such as communicating with management systems independently of the host won't work for remote computers accessing the corporate LAN via the Internet. Intel accepts these limitations as part of AMT 2005, but says that there'll be announcements next year about wireless and other capabilities that will extend the reach of the standard.

"Ideally, we don't want the users to care about the physical nature of the machines being managed, just how they talk to it," said Khosravi.
