Intel and Lockheed Martin collaborate with systems providers to harden cloud computing security
On October 8, 2019 at the Intel Federal Summit in Washington, D.C., Intel announced it has partnered up with Hewlett Packard Enterprise (HPE), Mercury Systems and Supermicro (SMCI) in an effort to design advanced solutions for security systems market based on the Intel Select Solutions for Hardened Security with Lockheed Martin.
Running on a foundation of 2nd Generation Intel Xeon Scalable processors, the new solutions are built with a view to offer increased system protection at all levels: from hardware to software, including hypervisors, operating systems, and applications.
The growth in the number of security attacks each year remains one of the main concerns for enterprise and government organizations who seek to protect their most critical data in the cloud. So in this context, Intel Select Solutions for Hardened Security with Lockheed Martin appears to be taking the future of hardware-based security to the next level as it helps to protect high-value data at runtime through a hardened full-stack security solution.
It is expected that the new, advanced solutions will integrate the Intel Select Solutions for Hardened Security with Lockheed Martin reference design that delivers improved security beginning when the system is powered on through all boot stages. One of its central features is the use of hardware-enforced firewalling that ensures resistance to information leakage, unauthorized modification, and privilege escalation by helping to separate critical data from suspicious workloads. In addition, The Intel Select Solutions for Hardened Security with Lockheed Martin reference design also uses partitioning and isolation of shared hardware resources such as cache, cores, memory, etc. in the virtualized environment to maintain data security and support consistent application performance.
Referring to the minimum required performance capability for the solutions, the so-called “Base” configuration for the Intel Select Solutions looks as follows: 2 Intel Xeon Gold 6248 processors, Xeon Platinum 8260, 8268 or 8280 processor + 768 GB RAM DDR4-2666 + 2 boot drivers Intel SSD DC S4510. For data storage, the manufacturer recommends the use of 2 Intel SSD DC P4510 Opal ready drives. For data network, 10Gb Intel Adapter X710-DA2 with SFP+ ports is required. CentOS 7.5 is selected as the base operating system.
Additionally, Hyper-Threading technology as well as the Last-level cache prefetch option have been disabled for these solutions, which is supposed to cut down vulnerability to a number of attacks including ZombieLoad, Specter and Meltdown.