Intel Unveils vPro for 13th Gen Core Series: Enhanced Security For Raptor Lakeby Gavin Bonshor on March 23, 2023 12:00 PM EST
In a world that has seen various security breaches at several top companies and supposedly secure companies through hackers and exploiters, the onus isn't only on software developers to keep users and businesses safe but also at the hardware level. In contrast, hardware vendors have different levels of platforms for users, workstations, servers, and whatnot; Intel's key and integrated security platform for desktops is called vPro. Intel's vPro platform isn't a new feature for their desktop and mobile platforms. Still, as ransomware and malware become more sophisticated, the underlying technologies within the platform designed to protect valuable data must also keep up.
Every time Intel launches a new desktop or mobile platform, they typically roll out an updated Intel vPro platform to match, and their 13th Gen Core series is no different. Designed to offer updated hardware-level securities to their existing 13th Gen Core series SKUs, Intel also has a new initiative that they are calling 'Ready for Refresh,' where through an in-house commissioned analysis, vPro users looking to upgrade can save up to 14% on the 5-year cost of operations per PC. Intel's 13th Gen vPro also claims up to 93% efficacy in detecting ransomware attacks in real-time through its new Intel Threat Detection technology and promising users and businesses a smooth transition to Microsoft's Windows 11 from the previous Windows 10 operating system.
Intel 13th Gen vPro: Updated Security For Raptor Lake
As remote work has become commonplace across the globe due to the Coronavirus pandemic, the requirement to ensure small businesses and enterprises keep up to date on the latest security exploits is at an all-time high. Users working remotely and those in the workplace require the latest and most up-to-date software and hardware frameworks to keep all that important data secure.
Intel's latest vPro technology built into the silicon of Intel's 13th Gen Core series offers the latest levels of security for users, businesses, and enterprises looking to keep on top of the latest vulnerabilities and threats. While each refresh of its vPro technologies offers at least something new, Intel's primary marketing focus is selling its improvements and optimizations for its latest 13th Gen Core series with vPro against users on older platforms such as Intel's 10th Gen Comet Lake processors.
With its Raptor Lake architecture, Intel promises a 70% attack surface reduction versus 2020's Comet Lake platform. Even against its 3-year-old Rocket Lake (11th Gen) platform, Intel is claiming over 2x performance in productivity-related workloads and up to 40% against the competition, which implies AMD.
Intel 13th Gen with vPro: SKUs and Segmentation
Regarding platform support, including motherboard chipsets, Intel's marketing within the slide deck alludes to what Intel platform gets what level of vPro security, if at all. We have contacted Intel and asked several questions concerning what chipsets, such as Z690, Z790, and W680, will include regarding vPro support. If the answer is that all Intel 600/700 series desktop platforms support vPro, then support is dependent on the SKU.
The table below lists all the Intel 13th Gen desktop SKUs that support Intel vPro technologies. Support is divided into three categories: comprehensive support for vPro Enterprise, the cut-down vPro Essentials, and/or support for both.
|Intel 13th Gen Core Series with vPro (Desktop)|
Currently, only selected SKUs from Intel's Core i9, Core i7, and Core i5 include vPro support; none of the Core i3 series chips or any processors without integrated graphics include this. Various SKUs support Intel's vPro technologies, with the flagship overclockable K series SKUs supporting vPro Enterprise. In contrast, the rest of the non-K SKUs and the lower power T series SKUs can support either vPro Enterprise or Essentials.
Focusing on the Intel 13th Gen for Mobile series, there is also a variety of SKUs with support for Intel vPro available. The mobile SKUs from Intel's 13th Gen Core series are listed in the table below, with SKUs from each family, including the HX, HK, H, P, and U core series.
|Intel 13th Gen Core Series with vPro (Mobile)|
|Intel vPro Enterprise for Chrome SKUs|
Three of the top Intel 13th Gen for Mobile SKUs support Intel vPro Enterprise, including the Core i9-13950HX, Core i7-13850HX, and Core i5-13600HX; understandably, the flagship SKU, the Core i9-13950HX which is primarily in flagship gaming notebooks, omits vPro support. Support for either vPro Enterprise or Essentials is sporadic throughout the line-up, so depending on the required security features, selecting the right SKU is 'essential.'
Intel also has four mobile SKUs with support for vPro Enterprise for Chrome OS, which powers several of the latest Chromebooks on the market. These Chromebooks with supported SKUs have access to all Enterprise features, not vPro Essentials.
Intel's vPro Enterprise and vPro Essentials technologies focus primarily on security but offer different levels of security. Intel vPro Enterprise is the more advanced version with a broader range of features. Some of these features include Intel Active Management Technology (AMT), Virtualization Technology (VT), Intel's Trusted Execution Technology (TXT), and Identity Protection Technology (IPT), which combined offer a better level of security than Essentials.
As expected, Intel's vPro Essentials is exactly what it implies, a basic and essential set of features to ensure adequate hardware-level security from threats provides some threat mitigation. Intel's vPro Essentials still plays a key part in its vPro line-up. Some of the fundamental features of this include Intel's Anti-Theft Technology (ATT). In reality, Intel's vPro Essentials is a rebranded version of Intel's Standard Manageability (ISM), with key elements of embedded security features. Still, it lacks many advanced security features that vPro Enterprise offers. Intel vPro Essentials is designed for small businesses with growth in mind. In contrast, vPro Enterprise is designed for everything above and beyond, from SMEs to global corporations with a large workforce and/or many staff working remotely.
Intel Threat Detection Technology: Real-Time Protection For End-Point Security Solutions
As it stands, Intel claims that their vPro platform has the first and only silicon-enabled AI threat detection currently available for Windows-based systems. It should be noted that AMD's Ryzen Pro security technologies are also embedded at a silicon level, but they do not benefit from AI-based threat detection. Part of Intel's vPro technology, Intel Threat Detection Technology or TDT, is designed to offer hardware-level protection working in cohesion and tandem with anti-virus and OS-level mitigation against real-time threats and attacks. Adding an additional layer below the operating system,
Intel's Threat Detection Technology provides an additional layer of security through heuristics and algorithms using AI, which is designed to detect and mitigate malware attacks, as well as providing real-time protection from sophisticated ransomware. With TDT and Microsoft Defender, Intel also has anomalous behavior detection (ABD), which monitors applications for early indicators in areas that could be compromising. ABD leverages execution control flow tracking within the CPU cores to build a dynamic AI model consistent with behaviors exhibited by numerous threats and exploitations. This includes protecting against potential backdoor security cyber attacks in ways that software cannot provide alone.
Another area of security and mitigation is through IT-enabled encryption, which adds to existing levels of security through virtualization-based security, meaning that the additional layer gives protection to systems and those deploying virtual machines. Interestingly, Intel hasn't specified if Intel's 13th Gen Core series vPro adoption is a one size fits all solution, offering all of the hardware level features across the entire platform, or whether Intel is still segmenting its security options. This includes Intel vPro Essentials and vPro Enterprise, which provide varying features on Intel's 12th Gen vPro processors.
If Intel has segmented vPro into different levels for their 13th Gen Core parts, they haven't mentioned anything. We have reached out to Intel for a comment to confirm this. We do know that Intel's vPro platform requires an Intel LAN port and/or a compatible Intel wireless interface (WLAN) to provide Intel's AMT technology. Also required is a support operating system, although Intel and Microsoft are heavily pushing the latest Windows 11 OS as the target for their Enterprise and business customers. As it stands, especially for previous generations, Intel vPro is a rather ambiguous term as there are varied levels of support for different product lines such as enterprise, workstations, mobile devices, and desktops.
Another feature of Intel's vPro for 13th Gen Core series processors is modern and up-to-date manageability via its Active Management Technology or AMT. Intel AMT allows businesses and enterprises to access systems remotely from anywhere in the world to the system. With this level of access, users can deploy updates and service packs to ensure that software and firmware are up-to-date and in line with the latest and new threats from malware and ransomware.
Intel's primary focus within its marketing for vPro for 13th Gen floats around the benefits of the current hybrid platform versus vPro on 10th Gen. A lot has happened since 2020, including the Coronavirus pandemic, which forced a lot of enterprises and businesses to opt into working remotely, which poses numerous security risks. Adding things at a hardware level allows users to take this security around with them, not just on desktops but on mobile platforms too.
Without putting too much weight on Intel's figures, every vendor typically commissions in-house testing to a third party and uses this in their analysis. This usually focuses on the favorable areas or wins for whoever commissioned the research. We expect the performance to be close to the mark because there's a massive improvement in frequency, core count, and IPC performance coming from three generations of Intel Core series chips.
There are clear benefits in performance and security going up three generations on any platform. This isn't new because as threats increase in sophistication, platforms, and software must keep up to maintain themselves as viable options. Intel claims that there's a 70% reduction in surface attacks and includes Intel vPro within its Evo notebook designs to offer mobile users the best levels of hardware and software encryption for critical data.
Intel 13th Gen vPro: Nothing New, No New Hardware, So Why Now?
One interesting thing to note regarding the announcement of Intel's vPro technologies for the 13th Gen Series is that Intel isn't announcing new hardware here; all of it is already on the market. While it is important to consider security in 2023 as phishing, ransomware, and malware pose massive threats to businesses and users, some SKUs, such as the Core i9-13900K, have been around since October 22.
With the launch of Intel's 13th Gen Core Mobile processors and its 13th Gen Core 65/35 W parts for desktops in January, Intel did touch on what SKUs featured support for Intel vPro, but it didn't specify the level of support. Going from its 10th Gen Core series to the latest 13th Gen Core series yields many performance benefits, perhaps the biggest coming from its hybrid architecture of performance (P) and efficiency (E) cores, as well as IPC performance gains and adjustments to core frequency.
Today Intel has finally clarified everything vPro for its 13th Gen Core series, both their desktop and mobile line-ups. Intel looks to be targeting everything towards their Enterprise and SME customers looking to upgrade and deploy more modern systems, which is understandable given vPro is designed primarily for SMEs and corporations. The added layer of vPro securities across its line-up gives confidence to those working remotely, as adding layers of security at the hardware level is more beneficial than relying solely on software.
Combined with Windows 11, one of Intel's 13th Gen vPro Enterprise enabled SKUs, and Window's integrated mitigations, this gives the best levels of security for workers that do things remotely. Data protection is important, and Intel's 13th Gen for vPro looks to add an additional layer of security to those with critical and important data. Still, Intel hasn't unveiled anything we didn't know about vPro or launched any new hardware that users cannot already purchase.
Update 03/24: Intel has responded to one of our questions surrounding chipset support. Intel state that vPro for desktop on their 13th Gen processors require a motherboard from either a Q or W based chipset, such as W680. Using vPro-enabled parts on any other chipset will mean the vPro features aren't enabled.
Post Your CommentPlease log in or sign up to comment.
View All Comments
KaarlisK - Thursday, March 23, 2023 - linkOnly a couple years ago, it was impossible to buy an i3 that wasn't 10th gen. Rocket Lake was only i5 and up.
Basically, Intel is saying, if you buy one of our CPUs, don't expect (support for ) it to last more than three years.
This means I'll be finding someone else as my source for computers. AMD, ARM Chromebooks/Laptops, whatever I can do just to get actually viable support lifetimes. Reply
Duwelon - Thursday, March 23, 2023 - linkWhat if Intel instead stripped features until they ran as efficiently as Apple silicon? I'm in the market for a high end laptop and the battery life between Intel and Macs is insane, something like 22 hours for a high end MBP vs 5-6 hours for a high end Razer, Asus, MSI, etc. Reply
lemurbutton - Friday, March 24, 2023 - linkInstead of stripping out features, Intel needs a complete ground up core to compete with Apple Silicon.
Apple Silicon chips are designed to be low power first, and then scaled up. Intel chips are designed to be high power first, and then scaled down. What was surprising was that Apple was able to create a chip (M1) that sipped power like an iPad chip but produced desktop class performance. Reply
mode_13h - Friday, March 24, 2023 - link> Intel chips are designed to be high power first, and then scaled down.
You've almost got it. Intel and AMD sell CPUs, not systems. This forces them to care more about perf/area, because area determines cost. And when you want the most performance per area, you design a uArch that clocks higher. We all know power scales poorly with clocks, but these cores depend on high clocks to deliver competitive performance.
Since Apple sells systems, they can do things like tradeoff battery size for CPU area, and they don't need to be so concerned about optimizing margins on the CPU dies, themselves. For Apple, the focus on low-power performance pushes them to design a wider, lower-clocking uArch. They use longer critical paths to squeeze out more performance per cycle, at the expense of limiting top clock speeds. Reply
lemurbutton - Saturday, March 25, 2023 - linkYou almost got some of it.
Qualcomm’s mobile chips are still much more efficient despite being a supplier. the existential threat to both Intel and AMD are the Nuvia cores. Reply
mode_13h - Monday, March 27, 2023 - link> Qualcomm’s mobile chips are still much more efficient despite being a supplier
That's because they're mobile-targeted SoCs using mobile-targeted cores. Also, using the ARM ISA helps. That enables them to win on efficiency, but not performance.
We'll see if Nuvia can turn the tables on outright performance. So far, all we've seen from Nuvia is big promises and delays. Reply
lemurbutton - Friday, March 24, 2023 - linkJust look at the i7-13850HX. Its standard operating TDP is 55w. 55w is is around 5x the power of the M1/M2 running at max CPU speed. Reply
mode_13h - Friday, March 24, 2023 - linkIn addition to what I said above, Apple gets some power savings from integrating the GPU and having in-package LPDDR5. Reply
flgt - Friday, March 24, 2023 - linkIt’s not just power. Despite massive market share loss, Intel again doubles down on more market segmentation. Does Apple have 10-15 part numbers? If you want adoption of a feature put it on every part and make it widely available. Intel can’t afford to play these games anymore. Plus this announcement looks like pure desperation to convince businesses not to push to 5 year refresh cycles since Intel offers nothing compelling to go down to 3. Gelsinger may not be able to fix the technology problem right away, but he could definitely get his marketing team and product managers to stop stuff like this. It calls into question whether he is the right guy to run things. Reply
Duwelon - Friday, March 24, 2023 - linkDoes Intel do that intentionally, add confusion? Does it benefit them somehow or the other laptop manufacturers like HP, Dell, Lenovo etc to have over a dozen part numbers that are extremely similar? Reply