Intel vPro In 2012, Small Business Advantage, And Anti-Theft Tech.

By Patrick Kennedy
published

One year ago, we took a look at three generations of Intel's vPro, charting how its features evolved. Now, we have a new version to explore. Additionally, we're putting Anti-Theft technology to the test, along with the new Small Business Advantage suite.

Upgrading Our vPro Platform: The Ivy Bridge Generation

In our last look at vPro, we used three generations of the technology to map its evolution over time. This time around, we have a Core i7-3770 processor and DQ77MK motherboard to build on that foundation and demonstrate what has changed in the last year.

The Core i7-3770 is one of Intel's highest-end Ivy Bridge-based processors based on the company's 22 nm manufacturing process. It's very similar to the enthusiast-oriented Core i7-3770K, except that its base frequency is 100 MHz lower and it doesn't have an unlocked ratio multiplier. Also, the non-K-series SKU does include vPro and VT-d support. 

Beyond specific CPU model requirements, vPro support also necessitates a compatible chipset and motherboard. On the desktop, Intel's Q77 is the only 7-series Platform Controller Hub that qualifies. In the mobile space, QM77 gets that distinction. 

Not surprisingly, then, our DQ77MK motherboard comes armed with a Q77 PCH. It lacks a lot of the features we typically look for in our motherboard round-ups, which typically emphasize the feature power users want, but instead leans on integration. Integrated graphics, native USB 3.0, one of Intel's gigabit Ethernet controllers, and PCH-based storage all work together to benefit performance, power, and interoperability.

We see a typical desktop board with a few hard-to-spot (unique) features. First, between the SATA ports and expansion slots, there's a mini-PCIe slot. You'd commonly find a wireless networking adapter or mSATA-based SSD plugged in. And, given Q77's support for Smart Response Technology (essentially, SSD caching), it's most probable that you'd drop a small solid-state repository in that slot and use a larger 3.5" disk drive for user data.

There is a single 16-lane PCI Express slot for discrete graphics upgrades. Depending on whether you use an Ivy or Sandy Bridge-based CPU, that interface runs at either 3.0 or 2.0 transfer rates.

Other expansion slots include a PCI Express x1 slot, a legacy PCI slot, and an open-ended PCI Express x4 slot. The fact that the x4 physical connector doesn't have a back means that larger, more bandwidth-intensive cards can be slid in and still operate at reduced speeds. A storage controller, for instance, might employ a x8 slot. It'll still work in an open-ended x4 interface, though.

The DQ77MK's rear I/O panel hosts a fairly standard array of USB 2.0, USB 3.0, FireWire, eSATA, Ethernet, and audio connectors. Intel exposes two DVI outputs and a DisplayPort connector, too, corresponding to the Ivy Bridge architecture's ability to drive three independent displays concurrently.

A quick look at all four of the vPro generations we've analyzed definitely reveals a handful of trends:

Swipe to scroll horizontally
Four Generations of Intel vPro-Capable Motherboards
MotherboardDQ45CBDQ57TMDQ67SWDQ77MK
Processor InterfaceLGA 775LGA 1156LGA 1155LGA 1155
Form FactorMicro ATXMicro ATXMicro ATXMicro ATX
Memory TypeDDR2DDR3DDR3DDR3
Graphics OutputsDVI-I, DVI-DDVI-I, DVI-D, Display PortDVI-I, DVI-D, Display PortDVI-I, DVI-D, Display Port
USB 2.0 Ports1214128
USB 3.0 Ports0024
SATA 3Gb/s6523
SATA 6Gb/s Ports0022
eSATA Ports1121
10/100/1000 NICIntel 82567LMIntel 82578DMIntel 82574LMIntel 82579LM and Intel 82574L
Intel AMT Version5.x6.x7.x8.x

The integration of USB 3.0 makes it easier for Intel to expose more of the higher-speed interface on its DQ77MK motherboard, whereas the previous generation needed an add-on controller. Also, the company is, for the first time, arming its business-class motherboard with two gigabit-class network controllers. Intel's 82574L is perhaps the most widely-supported gigabit controller out there, and if you use this platform under an operating environment other than Windows or Linux (say, VMware ESXi, FreeBSD, or even OpenSolaris), the 82574L should be immediately recognized. A second controller also allows more complex networking configurations, such as link aggregation.

Patrick Kennedy
7 Comments Comment from the forums
  • bit_user
    Toms, you really need to blow the lid off the incredibly dangerous security flaws in vPro that can enable undetectable and irremovable rootkits. semiaccurate.com did some reporting on this. Please alert the mainstream. The exploit was already demonstrated some time ago.

    Thanks.
    Reply
  • bit_user
    I don't know if it's allowed, but here's the link:

    http://semiaccurate.com/2012/05/15/intel-small-business-advantage-is-a-security-nightmare/

    Maybe the editors will read it before they remove this post. It's not a terribly well-written article. That's where you can help, Tom's.
    Reply
  • freggo
    Why not integrate a GPS receiver into the motherboard and than have an option to define 'allowed' active areas for the system. For desktops that should be no problem as they do not get moved much.

    For laptops you may have to take a bit more time defining your typical usage area of course; you could even let the laptop track your typical usage location patterns so it can make recommendations for the best setup.

    If the systems is outside the area either request a special password or some other form of identification to unlock the machine either for one time or for inclusions of the current location into the allowed area.

    Damn, I should get that patented :-)

    Reply
  • bigdragon
    I have a hard time reading this lengthy article after all the trouble I've had with Intel's DBS1200KP and DBS1200KPR. Intel keeps promoting virtualization, but they failed to implement VT-d on that product even though there's no reason for it not to be supported.
    Reply
  • StitchExperiment626
    Backup is my complaint! Doing a full backup every night there isn't enough time.
    Reply
  • jkflipflop98
    Keep in mind, all the garbage you read on that site is by Charlie Demerjian. . . who honestly doesn't know much about anything.
    Reply
  • labtech drew
    Having owned an MSP (Managed Service Provider), with hundreds of customers, and thousands of machines under management, vPro add's enormous cost savings when implemented.

    Customer has a blue screen? No problem, you can KVM right in and see the issue.

    Workstation hung after remotely applying patches - calling the user and saying "Can you go over and hold the power button for me?" is no longer necessary. Simply shutdown the machine via vPro and power it back on. Even remotely re-imagine a machine from backup is possible.

    However, my favorite use case is the instant back to work use case. End user hard drive fails - obviously a truck roll is needed, but the most important thing is to get the user productive again. Leverage vPro's ability to redirect IDE (IDEr) to a network Live Linux CD at least gets the user in to Web Outlook, if not 100% back in business.

    How about power savings? Schedule machines to auto shutdown at night, and for your patch window, use vPro to power up the workstations, apply the patches, power down (from windows) and if a machine hangs on shutdown use the vPro power off command. Allows for nightly maintenance and keeps costs savings maximized.

    Rolling out vPro can be a bit of work using native tools, but there are solutions available (shameless plug) like LabTech Software (http://www.labtechsoftware.com) which can remotely provision and manage vPro along with any other IT management function you can think of.

    -Drew

    Full disclosure: Having ran an MSP and worked with many enterprises, out of band management tools were critical in every mature organization I worked with. As a co-founder of LabTech Software, I have engaged Intel and we are working closely to build out solutions that vPro truly solves for.
    Reply