Intel has demonstrated a new hardware-based security platform that it says could represent the next phase in the evolution of security defenses.
They’re saying this isn’t a product, it’s a technology, so we’re all kind of waiting to see exactly what’s coming down the pipe.
Andrew Braunberg, research director for enterprise networks and security, Current Analysis.
At the Intel Developer Forum in San Francisco, Intel partially unveiled McAfee DeepSAFE, a security platform it will use to inject security into Intel silicon. The platform is designed to enable McAfee to run security software independent of the operating system to gain visibility into rootkits and other malware that Intel says can easily bypass traditional operating system defenses.
While the use case for such a technology is broad -- from desktops, laptops and smartphones to tiny embedded devices that run mechanical systems -- McAfee nor Intel are releasing details on how the technology will initially be applied.
Vimal Solanki, senior vice president of corporate strategy at Intel, said the DeepSAFE platform is McAfee technology and added that the security vendor, which operates as a subsidiary of Intel, would build specific products using it to connect to Intel chips. McAfee said last year at its Focus user conference that integrated chip security would be a major part of its product strategy.
“By going below the OS and directly interfacing with the silicon, you now have a whole new vantage point,” Solanki said. “You’re not at the mercy of operating system to deliver security.”
McAfee will be able to enhance its existing products and deliver new capabilities, he said. In addition, new products will not require new Intel chipsets, Solanki said. “If you bought a PC in recent history, we will deliver solutions that use existing hardware.”
Solanki said Intel has offered the capabilities used by DeepSAFE to enable other security vendors to connect to its chipset. DeepSAFE is designed to enable McAfee to offer CPU event monitoring. It uses Intel VTx technology available on Intel Core i3, i5, i7 processors and vPro platforms. “The silicon capabilities that DeepSAFE leverages are already open and available,” Solanki said.
DeepSAFE can run with Microsoft Windows 7. McAfee anticipates it will run with Windows 8 and is working on a version that runs with the Google Android mobile platform. Solanki and other Intel executives said DeepSAFE could be one of the biggest security innovations in the last 20 years, but industry analysts are downplaying the announcement.
“There is absolutely not enough detail to make a claim like that,” said Andrew Braunberg, research director for enterprise networks and security at Sterling, Va.-based Current Analysis. “They’re saying this isn’t a product, it’s a technology, so we’re all kind of waiting to see exactly what’s coming down the pipe.”
Intel acquired McAfee last summer in a $7.7 billion dollar deal. Since then, McAfee CEO Dave DeWalt has said the company would work on ways to bake its technology into Intel chip sets. At an investor conference in March, DeWalt said the goal would be to find ways to gain visibility into devices that have a tiny footprint, but could be used by attackers to gain access to company networks.
DeWalt told investors the company would work closely with Intel's Wind River subsidiary, a firm Intel acquired in 2009. It makes operating system software for printers, ATM machines, network gateways, satellite systems, mobile devices and other embedded systems. It’s unclear whether DeepSAFE uses Wind River technology, which is designed to run in a tiny footprint and can interface to hardware-based crypto functions.