What’s New: Today at the Intel Federal Summit 2019 in Washington, D.C., Intel announced that it has collaborated with industry leaders including Hewlett Packard Enterprise (HPE), Mercury Systems and Supermicro (SMCI) as they ready solutions for market based on the Intel® Select Solutions for Hardened Security with Lockheed Martin. The solutions are built on a foundation of 2nd Generation Intel® Xeon® Scalable processors and provide protection across the entire computing stack, from hardware to software, including hypervisors, operating systems and applications.
“The devastation of cybercrime has rallied the smartest minds within the tech industry to find a new way to architect technology to protect an organization’s most critical data. Our work with Lockheed Martin is being used in production to secure the most sensitive workloads and marks the next level of hardware-based security that is essential for the future of cloud computing at scale, joining a rich set of solutions in the Intel portfolio.”
–William Giard, chief technology officer, Digital Transformation & Scale Solutions, Data Center Group at Intel
Why It Matters: Security remains the number one consideration in how enterprise and government entities evaluate their cloud workloads. Intel is working with industry leaders in the ecosystem like HPE, Mercury Systems and Supermicro to improve the security posture for enterprise and government customers. Infrastructure modernization has not been easy to address in conventional virtual machine (VM) environments due to security, performance, determinism, complexity and cost requirements.
What It Does: The Intel Select Solutions for Hardened Security with Lockheed Martin reference design helps protect high-value data at runtime through a hardened full-stack security solution. Isolation techniques create advanced runtime security domains within a trusted virtualization environment that are resistant to unauthorized modifications and help to mitigate information leakage outside of each isolated runtime security domain.
The Details: The Intel Select Solutions for Hardened Security with Lockheed Martin reference design represents a combination of Intel and Lockheed Martin technologies developed to improve security beginning when the system is powered on, through boot, BIOS load and runtime of applications in a VM environment. It delivers hardware-enforced firewalling that helps separate sensitive data from untrusted workloads, providing cross-domain protection against leakage, modification and privilege escalation. Partitioning and isolation of shared resources (such as cache, cores, memory and devices) in the virtualized environment support confidentiality, integrity and availability, with consistent application performance. Customer benefits include:
- Boot protections and a chain of trust verify and maintain system integrity from power-on through the launching of critical applications.
- User controls and security choices to isolate and protect virtualized workloads. Provides segmentation of shared resources such as cores, cache, memory, and devices.
- More consistent and deterministic performance with isolated VMs through the segmentation and ideal allocation of compute resources.
- Modernized infrastructure by consolidating multiple, complex and dedicated legacy servers into a simplified and partitioned solution with advanced performance, new security protections and QoS features. Minimizes time, cost and complexity of evaluating and integrating hardware and software.
More Context: Intel Security News