Trusted compute pools with Intel® Trusted Execution Technology (Intel® TXT)1 support IT compliance by protecting virtualized data centers’ private, public, and hybrid clouds against attacks toward hypervisor and BIOS, firmware, and other pre-launch software components.
A feature of the Intel® Xeon® processor, Intel TXT establishes a root of trust through measurements when the hardware and pre-launch software components are in a known good state. Utilizing the result, administrators can set policies for sensitive data and workload placement onto groups of servers known as trusted compute pools.
With Intel TXT, you can:
A piece of manufacturing or retail equipment is compromised, possibly manipulated via network, USB flash drive, or an illegal peripheral at boot time. One solution is to stop the system from booting when such manipulation is detected. This is possible with Intel TXT, which measures the current state of the system against the known good state at the boot time.
1. No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology (Intel® TXT) requires a computer with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules, and an Intel TXT-compatible measured launched environment (MLE). Intel TXT also requires the system to contain a TPM v1.s. For more information, visit www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html.