Intel vPro In 2012, Small Business Advantage, And Anti-Theft Tech.

Intel Small Business Advantage: The Software

As we mentioned on the previous page, Small Business Advantage is aimed at individuals and small businesses with no dedicated IT staff. It's a collection of technologies able to help facilitate the automation of basic administrative tasks that someone without much experience might not take care of on their own.

The Components Of SBA

Intel includes a number of application modules with SBA, each of which is designed to serve a purpose you might expect out of an IT person.

Take the PC Health Center as an example. The applet lets you schedule Windows Update checks, disk defragmentation, a purge of temporary Internet files, and a complete wipe of any cookies on a machine. You can pick a time of day for tasks you'd like to run every 24 hours, or a day of the week for tasks that don't need to run as often. The real kicker is that everything can be scheduled to happen in the middle of the night. Even if you're in the habit of turning your system off when it's not in use, the interaction between hardware and software makes it possible for SBA to turn the machine on, execute a workload, and turn back off again, making maintenance virtually transparent.

Intel's Software Monitor is another noteworthy module. The applet detects certain programs and services running on a compatible PC (like Microsoft Security Essentials, for instance) and gives you the option to keep an eye on them. Should a malicious piece of code attempt to kill one of those important processes, usually for the purpose of installing something bad, Software Monitor pops up a warning letting you know your layers of security are being picked off.

Data Backup and Restore is a third component of SBA critical to the maintenance of a healthy work-oriented machine. How often do we remember to save our work? What about a complete backup? Intel's module instantiates the Windows Backup utility, walking you through the setup process and scheduling regular save points that can be triggered after hours. 

Energy Saver is named a little less obviously. If you're in the habit of leaving your machine on when you go home, letting it enter hibernation on its own, and then waiting for it to wake up when you get back to work, this feature could conceivably be convenient. The app facilitates a scheduled shut-down at night and a timed power-up in the morning, keeping IT resources turned off when they're not being used.

Finally, USB Blocker is a security-oriented capability that allows selective use of USB-based devices. You can turn off every type of mass storage, for example, but still allow printers to function. Even within a class of device, it's possible white-list specific devices. The idea, of course, is to prevent the theft of data. If nobody has any business plugging a flash-based thumb drive into a machine with accounting information, simply disable its USB ports, removing all doubt about your vulnerability to loss via USB.

  • bit_user
    Toms, you really need to blow the lid off the incredibly dangerous security flaws in vPro that can enable undetectable and irremovable rootkits. semiaccurate.com did some reporting on this. Please alert the mainstream. The exploit was already demonstrated some time ago.

    Thanks.
    Reply
  • bit_user
    I don't know if it's allowed, but here's the link:

    http://semiaccurate.com/2012/05/15/intel-small-business-advantage-is-a-security-nightmare/

    Maybe the editors will read it before they remove this post. It's not a terribly well-written article. That's where you can help, Tom's.
    Reply
  • freggo
    Why not integrate a GPS receiver into the motherboard and than have an option to define 'allowed' active areas for the system. For desktops that should be no problem as they do not get moved much.

    For laptops you may have to take a bit more time defining your typical usage area of course; you could even let the laptop track your typical usage location patterns so it can make recommendations for the best setup.

    If the systems is outside the area either request a special password or some other form of identification to unlock the machine either for one time or for inclusions of the current location into the allowed area.

    Damn, I should get that patented :-)

    Reply
  • bigdragon
    I have a hard time reading this lengthy article after all the trouble I've had with Intel's DBS1200KP and DBS1200KPR. Intel keeps promoting virtualization, but they failed to implement VT-d on that product even though there's no reason for it not to be supported.
    Reply
  • StitchExperiment626
    Backup is my complaint! Doing a full backup every night there isn't enough time.
    Reply
  • jkflipflop98
    Keep in mind, all the garbage you read on that site is by Charlie Demerjian. . . who honestly doesn't know much about anything.
    Reply
  • labtech drew
    Having owned an MSP (Managed Service Provider), with hundreds of customers, and thousands of machines under management, vPro add's enormous cost savings when implemented.

    Customer has a blue screen? No problem, you can KVM right in and see the issue.

    Workstation hung after remotely applying patches - calling the user and saying "Can you go over and hold the power button for me?" is no longer necessary. Simply shutdown the machine via vPro and power it back on. Even remotely re-imagine a machine from backup is possible.

    However, my favorite use case is the instant back to work use case. End user hard drive fails - obviously a truck roll is needed, but the most important thing is to get the user productive again. Leverage vPro's ability to redirect IDE (IDEr) to a network Live Linux CD at least gets the user in to Web Outlook, if not 100% back in business.

    How about power savings? Schedule machines to auto shutdown at night, and for your patch window, use vPro to power up the workstations, apply the patches, power down (from windows) and if a machine hangs on shutdown use the vPro power off command. Allows for nightly maintenance and keeps costs savings maximized.

    Rolling out vPro can be a bit of work using native tools, but there are solutions available (shameless plug) like LabTech Software (http://www.labtechsoftware.com) which can remotely provision and manage vPro along with any other IT management function you can think of.

    -Drew

    Full disclosure: Having ran an MSP and worked with many enterprises, out of band management tools were critical in every mature organization I worked with. As a co-founder of LabTech Software, I have engaged Intel and we are working closely to build out solutions that vPro truly solves for.
    Reply