
Talking vPro Part 3: Transcript


Michael Pastore: Hello everyone and welcome to our third installment of the Talking vPro podcast. My name is Mike Pastore. I'm the Executive Editor of Special Projects at Internet.com, and I am honored to be joined once again by Josh Hilliker, who is the Intel Architect and Community Manager for the vPro Expert Center. Hi Josh.

Josh Hilliker: Good morning.

Michael Pastore: Today we are going to talk about the third generation of vPro technology, it was code named McCreary and it's been covered in the technology press over the last couple months and couple weeks. Josh is going to give us a few more details.

Before we get into the new stuff, Josh, if you could kind of give us a brief chronology of the first couple of generations of vPro that have gotten us up to this point, and what's been added as we've gone along.

Josh Hilliker: Absolutely, so let's start with the journey, and the journey on the desktop. We started out with our first Intel vPro desktop code-name Averill, and the basic functionality, about eight different use cases, and those are all posted on the Internet, so you can go out there and look. But there's eight basic use cases, then we shifted to Weybridge, which is our next-generation desktop. And even more features, we stepped in our Intel Active Management Technology, we have Intel Trust Execution Technology, a little more around the TPM, so again, just moving to the next desktop.

And then our final desktop that we're going to talk a little bit more about today is McCreary, which is we call it AMT 5.0, so Intel Active Management Technology 5.0. And that is the latest desktop that you can buy today. There's a couple of sites out there where you can go to see where to buy to actually find out who's selling it, but that is the latest and greatest.

Michael Pastore: Now which processors for the laptop or the desktop does one have to buy in order to get the latest and the greatest?

Josh Hilliker: Great question, Mike. So McCreary is, of course, Intel Core 2 Duo, or Intel Core 2 Quad processor families; so one of those two. But also in buying vPro, there's certain specific ingredients that go along with it. So you've got to look for the label, actually the Intel Core 2 Duo with Intel vPro technology, and they're labeled a little different on the desktop, so you got to look for that label specifically when you buy. Or if you go online, you can search and see an Intel vPro technology attribute when you buy that desktop.

Michael Pastore: OK, so why don't we get into some of the new stuff, I was looking over the Intel site and a lot of what's been written up to this point about the new technology. There is a Remote Alert function, why don't we talk a little bit about that.

Josh Hilliker: Yes, absolutely. So when you look at the vPro 2008 platform, right? And you kind of dig into how are we changing the security elements, and adding to the security goodness of the platform… that's where Remote Alerts falls into. And really what that means if you click in remote alerts is that wherever that machine is at, it doesn't matter as much anymore. So let me give you an example, when you look back at vPro 2006 and 2007, the dialogue was all around "Is that PC inside the corporate intranet? Is it on a corporate network? Is it part of one of your subnets?" It's somewhere where you can touch inside of your firewall.

And that's really where the dialogue the last couple of years has been. If the machine's on, then it's inside your firewall. And what we're seeing now, and what we've provided in 2008, is that it doesn't matter where the machine's at, if it's outside the firewall, the PCs can automatically connect to the enterprise IT console. So if there's a problem they kind of do an alert.

So it's basically if you think of you're setting a rule set down on the machine that "Hey, if any of these conditions change, or if there's something bad or catastrophic that happens," the machine can send an alert back to the enterprise IT console, and say "Hey, I have a problem, and here's the type of problem I'm having."

And what's great is, again, two years ago it couldn't have done this, last year it couldn't have done this, now you can do that where I can have that desktop at a remote location, or that notebook at a remote location, and it can give an alert back to my IT infrastructure, so my help desk agent can look and say "Oh, look, I see Josh has a desktop, and he's out at this site, and he's connected to the Internet, and I see he's having a problem."

And so the beauty is, again, outside the firewall, doesn't matter where it's at, as long as that, you know, machine has an unrestricted connection to the Internet, now you're in good shape to go manage it.

Michael Pastore: One of the other features that I have read about is called the Fast Call for Help, which sounds like it's somewhat similar. Why don't you tell us a little bit about that?

Josh Hilliker: So Fast Call for Help, and you're right, it absolutely is looking at that same remote alert, and how we're doing the connection. But think of this as you're out at an event, right, or you're at home, and your machine blue screens. And now, depending on where you're at in the – in the state or the country or in the world -- where is your IT person at? Is it 40 miles, 100 miles, is it thousands of miles away where you've got to ship it off to get supported?

Instead, today with Fast Call for Help you can actually request help via a keystroke, inside or outside the firewall, to the remote IT console. So let's play out this scenario. I'm at home, my machine blue screens, I reboot it. During the reboot process, I'm offered a menu of options that kind of look like BIOS screens, and it says "Hey, for help, click these two buttons." You click the two buttons, it immediately calls out to your remote IT console, and says, "Hey look, Josh is calling for help, looks like he has a problem." Now they're able to pick it up and use the same technology they used the last two years, which is remote diagnostics, and potentially do a remote repair against my machine.

So if I'm having a file guide corrupted or deleted, or a virus came in and infected it a certain way, they can do that down the wire, while I'm at home, once I initiate that call for help.

Michael Pastore: Now both of those sound like good advancements for the laptop users who are traveling around who aren't always near an IT guy, and need help. What about desktop users, what about vPro 2008 can desktop users get excited about? Or desktop administrators.

Josh Hilliker: Great question. So you know those two were more of you being able to go that last mile of getting wherever that machine's at, desktop or laptop, right? Now what gets the IT individual excited, I look at this thing called Access Monitor, and what it is, is it's basically giving you the ability to see who ran actions against that box. So again, let me explain this scenario.

In the IT enterprise world you may have 10, 20, 30 people that have access to do administration at the vPro level, so basically at the BIOS level and firmware level, I can change it, reboot it, manipulate it, isolate it, etc.

With access monitor, it provides you the ability – and again, this is in our enhanced security landscape -- you have the ability to look at what's happened on the box, and have the kind of audit view of it, like "Hey, I see administrator X did a reboot, I see, you know, help desk technician Y did a serial over LAN connection, and did a reboot on this specific image." So you're able to see more data and context of a lab and the box. So if you do happen to have a malicious IT admin in your environment, you're able to actually track what happened, what they did, when they did it, and get it the next level of detail, versus not being able to see that data. So you could be having an internal attack, in that respect, and you'll be able to see who did it, and when they did it, what action did they run against that desktop?

And actually, that specific capability, access monitor, is both on the current generation of laptops that were the Centrino 2 with vPro technology, and the current desktop that's out right now.

Michael Pastore: Last year, I think it was, I was at one of the Interop shows in New York, and they had an entire day devoted to network access control, network access protection, whichever vendor you want to talk to has different names for it. But that's an element that's involved here as well.

Josh Hilliker: Absolutely, this is one of the key last big features for both the desktop and the notebook, and this is around Microsoft NAP support. And so basically what it is, is you're allowing AMT to gain access to a Microsoft NAP-enabled – to that 1X network out of band, right? So that allows you to, you know, do out of band software updates, inventories, remote diagnostics. So we're able to kind of put the pieces together, and access control of your network, what's happening, and interacting at that layer is important for anybody that's worried about security. So with the Microsoft NAP support in there, definitely, a better position for security.

Michael Pastore: Just to go back, we talked about the Remote Alert and the Fast Call for Help, and the remote diagnostic capability that's part of vPro. How much of that is initiated by the end user when there's a problem? And how much of that does the computer know what's going on? I'm trying to get a feel for the user experience here.

Josh Hilliker: It's flexible based on settings, and I think that's the beauty is that if you want to – you know, if you want to move your alert mechanism, your remote alerts to be more robust, then it would be more the system making the call than the end user initiating. So it's where on that pendulum do you want to go? Do you want to have more alert capability that translates into the console and the client talking before the end user knows about it? Or do you want the end user to initiate 100 percent of it? Because you could say "Hey, I don't want to do a lot of alerting, I just want to do – or just awareness, but if it wants to connect to the console, I want that to be user initiated." But I think the beauty is, the user has the ability to reach out wherever they're at.

Michael Pastore: And I guess the administrator would want to have some say into how often they're contacted, and how often they have to deal with issues, as opposed to having it pop up when there's an issue.

Josh Hilliker: Yes. Absolutely, and that's all setting related, setting up for what type of alert, what frequency, you could do check-ins, you know, where machines can check in at some interval, regular interval, and publish what's happening.

Michael Pastore: OK, well I think that about does it for this edition. Thank you very much for your time, Josh, and hopefully we'll be talking to you soon.

Josh Hilliker: Thanks, Mike and have a great day.

Michael Pastore: You, too.