HP ProLiant BL660c AMD Opteron™ and Intel® Xeon® x - Page 13



Intel Virtualization Technology (Intel VT)

Intel VT, a group of extensions to the x86 instruction set, consists of three technology suites. They work together to improve virtualization performance in a server's processor, chipset, and I/O devices.

Intel VT in Intel Xeon processors (Intel VT-x)

With software-only virtualization, the hypervisor must trap and execute certain instructions for the virtual guest OS. Intel VT-x reduces these hypervisor interventions. It also helps transfer platform control between the hypervisor and guest OSes so that the handoffs are faster, more reliable, and more secure.

Intel VT for Directed I/O (Intel VT-d)

Intel VT-d reduces the need for the hypervisor to manage I/O traffic. Intel VT-d assigns specific I/O devices to specific guest operating systems. Intel VT-d gives each I/O device a dedicated area in system memory that only the device and its guest OS can access. This speeds data movement and decreases performance overhead.

Intel VT for Connectivity (Intel VT-c)

Intel VT-c integrates hardware assists into I/O devices like NICs and storage controllers. Intel VT-c is a collection of technologies that sorts an enormous variety of incoming data and sends it to its destination. By performing these functions in dedicated network silicon, Intel VT-c increases throughput and reduces the load on the hypervisor and server processors.
Data security

Virtualization has raised data security concerns because server workloads are no longer physically separated in the data center. These concerns have intensified with the growing threat of malicious software attacks aimed at the hypervisor, BIOS, and firmware. HP ProLiant G6 and G7 servers protect against these threats by adding the hardware-based security technology featured in the latest Xeon and AMD Opteron processors.

Intel security technology

Xeon 5600 series processors use Advanced Encryption Standard New Instructions to provide hardware-based acceleration for secure transactions. The processors also use Trusted Execution Technology to enhance security through hardware-based resistance to malicious attacks.
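The features described on this page (VT-x, VT-d, AES-NI and TXT) only help if the BIOS exposes them and the operating system actually sees them, so the first thing an administrator checks after deployment is whether they are present. The following script is an added example, not HP's or Intel's code: it reads the flags line of Linux /proc/cpuinfo for vmx (VT-x), svm (AMD-V), aes (AES-NI) and smx (the CPU side of TXT), and looks for the "DMAR: IOMMU enabled" kernel message that the Linux intel-iommu driver logs when VT-d initialised (assumed here as the VT-d indicator). The sample cpuinfo text and dmesg lines are constructed.

```python
"""Check which of the page's hardware features a Linux host actually exposes.

Added example, not code from HP or Intel. It parses /proc/cpuinfo-style text
and dmesg-style lines; the sample data below is constructed.
"""
import os
import subprocess

# /proc/cpuinfo flag -> feature named on the page. VT-d is a chipset/IOMMU
# feature with no CPU flag, so it is detected from kernel messages instead.
FLAG_FEATURES = {
    "vmx": "Intel VT-x",
    "svm": "AMD-V",
    "aes": "AES-NI",
    "smx": "Intel TXT (SMX)",
}

# Constructed sample: a flags line in the style of a Xeon 5600-class host.
SAMPLE_CPUINFO = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "model name\t: Intel(R) Xeon(R) CPU X5670 @ 2.93GHz\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov "
    "pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx lm pni pclmulqdq "
    "monitor vmx smx est ssse3 cx16 sse4_1 sse4_2 popcnt aes lahf_lm "
    "tpr_shadow vnmi flexpriority ept vpid\n"
)

# Constructed sample kernel log lines (message text assumed from the
# Linux intel-iommu driver).
SAMPLE_DMESG = [
    "[    0.000000] Command line: BOOT_IMAGE=/vmlinuz root=/dev/sda2 intel_iommu=on",
    "[    0.412345] DMAR: IOMMU enabled",
    "[    1.234567] DMAR: Intel(R) Virtualization Technology for Directed I/O",
]


def parse_cpu_flags(cpuinfo_text):
    """Return the set of flags from the first 'flags' line (one CPU is enough)."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            return set(line.partition(":")[2].split())
    return set()


def cpu_features(cpuinfo_text):
    """Map each page feature to True/False based on the CPU flags."""
    flags = parse_cpu_flags(cpuinfo_text)
    return {name: flag in flags for flag, name in FLAG_FEATURES.items()}


def vt_d_enabled(dmesg_lines):
    """True when the DMAR (VT-d) driver reported the IOMMU as enabled."""
    return any("DMAR: IOMMU enabled" in line for line in dmesg_lines)


def report(cpuinfo_text, dmesg_lines):
    """Combine the CPU-flag checks with the VT-d check."""
    features = cpu_features(cpuinfo_text)
    features["Intel VT-d (IOMMU)"] = vt_d_enabled(dmesg_lines)
    return features


def missing_features(features):
    """Names worth following up in BIOS or kernel configuration."""
    missing = {name for name, ok in features.items() if not ok}
    # A host has either VT-x or AMD-V; the other vendor's flag is not a gap.
    if features.get("Intel VT-x") or features.get("AMD-V"):
        missing -= {"Intel VT-x", "AMD-V"}
    return sorted(missing)


if __name__ == "__main__":
    cpuinfo, dmesg = SAMPLE_CPUINFO, SAMPLE_DMESG
    if os.path.exists("/proc/cpuinfo"):  # use the live host when there is one
        with open("/proc/cpuinfo") as f:
            cpuinfo = f.read()
        try:
            dmesg = subprocess.run(["dmesg"], capture_output=True, text=True,
                                   check=False).stdout.splitlines()
        except OSError:
            pass
    result = report(cpuinfo, dmesg)
    for name, ok in result.items():
        print(f"{name:22} {'enabled' if ok else 'NOT detected'}")
    print("follow up in BIOS/kernel config:", missing_features(result) or "nothing")
```

A flag that is absent on hardware known to support it usually means the feature is switched off in the BIOS setup (VT-d and TXT in particular are frequently disabled by default), so the "follow up" list is the actionable output; dmesg may need root to read on hardened kernels, in which case the script silently keeps the constructed sample and VT-d should be confirmed by other means.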
Advanced Encryption Standard New Instructions (AES-NI)

AES-NI allows faster encryption and decryption performance. Read more about it at http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set/.
Trusted Execution Technology (Intel TXT)

Intel Trusted Execution Technology complements anti-virus software. It increases protection against software-based attacks to the hypervisor or BIOS and protects against malicious rootkit installations. Intel TXT creates a Measured Launch Environment (MLE) that lets you compare a system's critical launch components to approved code during the boot and launch sequence. Intel TXT detects any changes to the MLE and blocks any unapproved code from launching. Intel TXT establishes an optimal number of protected launch components called a root of trust, which is difficult to defeat or modify.
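The mechanism behind the MLE description above is measure-then-compare: each launch component is hashed, the hashes are folded into a register whose value depends on both content and order, and anything whose measurement is not in the approved policy is refused. The following toy model is an added example, not Intel's TXT implementation: it uses SHA-256 for measurements and a PCR-style extend register, and the component images, their names and the launch order are constructed stand-ins chosen to illustrate the idea.

```python
"""Toy model of a measured launch with an approved-code policy.

Added example, not Intel's TXT implementation. It shows the mechanism the
page describes (measure launch components, compare to approved values,
block anything unapproved) with SHA-256 and a PCR-style extend register.
All component images below are constructed stand-ins.
"""
import hashlib

ZERO_REGISTER = bytes(32)


def measure(data):
    """A component's measurement is the hash of its image."""
    return hashlib.sha256(data).digest()


def extend(register, measurement):
    """PCR-style extend: new = H(old || measurement). Order and content both
    matter, so a register value only reproduces when the same components are
    measured in the same sequence."""
    return hashlib.sha256(register + measurement).digest()


# Constructed "known-good" images. A real policy stores only their hashes,
# signed by the platform owner, never the images themselves.
GOLDEN_IMAGES = {
    "bios": b"BIOS image build 2010.07 (constructed)",
    "sinit_acm": b"authenticated code module (constructed)",
    "hypervisor": b"hypervisor image 5.0 (constructed)",
}
LAUNCH_ORDER = ["bios", "sinit_acm", "hypervisor"]
APPROVED_POLICY = {name: measure(img) for name, img in GOLDEN_IMAGES.items()}


def measured_launch(images, policy=APPROVED_POLICY, order=LAUNCH_ORDER):
    """Measure each component in launch order, extend it into the register,
    and refuse the launch if any measurement is not in the approved policy.

    Returns a dict with: allowed, the names that failed, and the final
    register (hex), which is what a remote verifier would compare against."""
    register = ZERO_REGISTER
    rejected = []
    for name in order:
        m = measure(images.get(name, b""))  # a missing component measures as empty
        register = extend(register, m)
        if policy.get(name) != m:
            rejected.append(name)
    return {"allowed": not rejected, "rejected": rejected, "register": register.hex()}


# Reference register for the pristine launch (the "approved code" value).
EXPECTED_REGISTER = measured_launch(GOLDEN_IMAGES)["register"]


def tampered(images, name, payload):
    """Copy of the images with one component altered (constructed change)."""
    copy = dict(images)
    copy[name] = images[name] + payload
    return copy


if __name__ == "__main__":
    good = measured_launch(GOLDEN_IMAGES)
    bad = measured_launch(tampered(GOLDEN_IMAGES, "hypervisor", b" + unapproved patch"))
    print("pristine launch allowed:", good["allowed"], good["register"][:16], "...")
    print("modified launch allowed:", bad["allowed"], "rejected:", bad["rejected"])
    print("register differs:", bad["register"] != good["register"])
```

Two properties of the model carry over to the real technology: a single changed byte in any measured component flips the decision and changes the final register, and the register alone (without the per-component list) is enough for an external party to tell an approved launch from a modified one, which is the basis for attesting a host's launch state to a remote verifier.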