No Sleep for Security – McAfee ePO and Intel vPro

Using Intel’s Active Management Technology for remote support and reliable security updates

This is a guest post from Ed Metcalf at McAfee

You are not scanning your enterprise for malware often enough. Nobody is. Informal polls of customers and security professionals show that “Wednesday at noon” is the typical schedule for a full virus scan. The explanation for this timing boils down to “people are usually in the office on Wednesday and eating lunch around noon.” Some outlier responses are “at night” or “every day at noon.”

Why aren’t more people scanning at night? Because IT finds users are shutting desktop systems down, so the scans cannot take place.

Why is “every day” not an acceptable practice? Performance. Users complain when they feel their systems are affected by security products. Oddly enough, they don’t complain when their computers are slow due to 18 open web browser windows, but that’s part of the challenge you face managing operational security.

Another sticky issue that IT operations have to deal with involves resolution of end-user issues. Anyone who has spent any amount of time trying to troubleshoot a problem over the phone knows how much more difficult it is than being physically at the device. Remote access applications offer some utility, but with major limitations:

  • Connectivity
  • Misconfiguration
  • No help during a reboot loop

All of these limitations can be overcome with the appropriate systems management technology.  While waking systems to scan and providing remote repair capabilities seem like very different issues, they are both solved through McAfee integration with Intel® Active Management Technology (Intel®AMT). Leveraging the McAfee® ePolicy Orchestrator® (McAfee ePO™) agent and centralized management environment, McAfee ePO Deep Command™ runs on desktops and laptops with the third generation Intel Core™ i5 and i7 vPro technologies.

Intel AMT is a component of Intel vPro technology available on business laptops and desktops.  It provides a secure method for businesses to monitor, maintain, update, and repair PCs without direct hands-on contact.

The third generation Intel vPro technology gives administrators complete remote control over the power state of a system. Or the ability to remotely redirect the boot sequence of a system to a networked image.  McAfee ePO Deep Command allows IT and security operations to take the features available in Intel AMT and deploy them into the enterprise.

Intel AMT is a great tool, but needs a management infrastructure to make it beneficial to enterprises.  Managing tens of thousands of systems from one central location is a McAfee ePO strength. Bringing Intel AMT management into McAfee ePO provides a way for organizations to take full advantage of the tools provided by Intel in the vPro chipset. Click here to get more information on Intel’s 3rd generation Intel vPro technology or McAfee’s ePO Deep Command.