Data Center Security Technology
The Intel® Xeon® Scalable platform delivers a hardware-based root-of-trust environment. Protection features extend up from the silicon, through the platform hardware and firmware, helping protect data center infrastructure.
What Is Data Center Security?
Data center security refers to the technologies and practices that help protect the servers in the data center, as well as the data and applications hosted within them. Servers should be both physically and virtually secure. Safeguarding data center infrastructure is a critical part of a strong IT security strategy.
Hardware-Based Security vs. Software Security
Cyberattacks are evolving, and software alone is no longer enough to protect against the latest security threats. Software can be spoofed by breaches at the lower layer—in other words, if the firmware, BIOS, OS, or hypervisor are compromised, hackers can gain privileged access to systems. It takes a combination of software and hardware-based security features to help keep data center infrastructure secure, starting from the root with platform silicon.
Start with a Root of Trust to Build a Chain of Trust
Security is only as strong as the layer below it. By starting with a root of trust in the silicon, security architects can help create a trusted foundation for computing. Security features can be strengthened at each layer to make the entire system or stack more secure, creating a chain of trust through the firmware, BIOS, OS, and hypervisor. This lightens the load on software and helps to minimize the impact to system performance—so you don’t have to compromise performance for security.
Intel® security technologies enable server hardening and fully support Trusted Platform Module (TPM) standards. With technologies like Intel® Software Guard Extensions (Intel® SGX), Intel can help architects work toward a zero-trust strategy and align with industry data center security standards.
A Layered Security Strategy for the Data Center
Protecting data center and cloud infrastructure requires a multilayered approach. Sophisticated technologies at every layer, from firmware to BIOS to data, can help enhance data center and cloud server security.
Firmware Security
At the firmware layer, malware has highly privileged access to the system. It’s also difficult to detect using software. Boot Guard and Intel® Platform Firmware Resilience (Intel® PFR) can help verify firmware at startup, block interference, and recover to a known state if compromised.
BIOS, OS, and Hypervisor
At this layer, malware has privileged access to applications and possibly hardware. Intel® Trusted Execution Technology (Intel® TXT) helps attest that the BIOS, OS, and hypervisor haven’t been tampered with.
Data and Applications
If other layers are compromised, data and applications may be vulnerable. Intel® Software Guard Extensions (Intel® SGX) is designed to establish secure enclaves and protect data and code in the hardware.
Data & Application Protection
Intel® Software Guard Extensions (Intel® SGX)
This hardware-based memory encryption is our most researched and updated trusted execution environment for confidential computing, with the smallest attack surface within the system.
Intel® Platform Firmware Resilience (Intel® PFR)
This Intel® FPGA-based root of trust solution helps protect against platform firmware attacks. Intel® PFR is designed to detect and correct attacks before they can compromise the system.
Cryptographic Acceleration
New instructions, coupled with algorithmic and software innovations, deliver breakthrough cryptographic performance.
Intel® Trusted Execution Technology (Intel® TXT)
Provide the necessary underpinnings to evaluate the computing platform and its security. Now with One-Touch Activation, Intel® TXT is easier than ever to deploy.
Data Center Security Solutions
Intel® Select Solutions for Hardened Security
Intel® Select Solutions for Hardened Security with Lockheed Martin offer full-stack security to help isolate and protect virtual machines (VMs) at runtime. The solution also allocates compute resources for more consistent performance.
Intel® Xeon® Processors
To help secure today’s most sensitive data and workloads, 3rd Generation Intel® Xeon® Scalable processors come with a suite of innovative, hardware-based security technologies.
More Intel® Security Innovations
Data center security is an ongoing priority across the computing spectrum, Intel is committed to helping advance security and performance through world-class product development policies, processes, and tools.
Hardware-Based Security
Start with a trusted foundation for computing throughout your IT infrastructure. Rooted in silicon, Intel® security technologies are meant to operate beyond the reach of potentially corrupted software.
Confidential Computing
Confidential computing is an emerging industry initiative focused on helping to secure data in use. As computing moves to span multiple environments—from on-prem to public cloud to edge—organizations need protection controls that help safeguard sensitive IP and workload data wherever the data resides.