Hardening Measures Built into Intel® Active Management Technology

Published On: Monday, December 10, 2007 | Last Modified On: Monday, December 10, 2007

As network planners and security analysts consider implementing Intel® Active Management Technology in their environments, they can use the information in this document to gauge the native security of the platform and to understand some of the key security decisions associated with using the technology.

Overview

Intel® Active Management Technology (Intel® AMT), a component of Intel® vPro™ processor technology and Intel® Centrino® Pro processor technology, offers business customers the ability to remotely manage PCs over the network, even if they are powered off or the operating system is non-functional. Administrators use a management console application to connect to a firmware-resident management engine on business PCs by means of an out-of-band channel. That connection enables an array of remote-management capabilities, including powering the client machine up or down, deploying patches or other software, gathering hardware and software asset information, and isolating malware-infected machines from the rest of the network. It is also possible to monitor security and management agents on the client PC and alert the management console if they are disabled or removed, providing an added layer of protection against tampering.

The design of Intel AMT incorporates significant hardening measures at every stage of development. Security features of the technology are based on industry-standard conventions and protocols, such as Transport Layer Security (TLS), Public Key Infrastructure (PKI), Kerberos authentication, Network Access Control (NAC), and 802.1x. The technology has been subjected to extensive multi-level security testing and analysis.

The purpose of this paper is to introduce the core security characteristics of Intel AMT.
Executives and decision makers will gain confidence in the ability of Intel AMT to enhance security in corporate networks without adding undue liability. System administrators will gain a high-level understanding of the security model provided by Intel AMT that informs the implementation effort. Security analysts will learn what hardening measures have been taken during the development of Intel AMT, both to audit its suitability for use in their organizations and to see how it fits into their overall security strategy.

The bulk of the paper is organized according to a model of three layers that correspond to broad areas of hardening incorporated into the design of Intel AMT:

Layer 1: Management Network Protections against Attack and Tampering
Layer 2: Privacy in Machine-to-Machine Communication
Layer 3: Intel AMT Capabilities to Guard against Viruses and Other Threats

The paper concludes with a brief introduction to some of the key design decisions to be made by implementers, demonstrating at a high level how one can strike the balance between security and convenience that is appropriate to individual needs.

Layer 1: Management Network Protections against Attack and Tampering

The first layer of hardening incorporated into the design of Intel AMT concerns control over human access to the management network and associated devices. Intel has invested significant effort in controlling the Intel AMT attack surface. For example, administrators can set parameters to control the number of login attempts allowed before lock-out, and the console can send alerts to an administrator after a certain number of login attempts have occurred. There are also built-in alert and logging capabilities.

Because there is a web server built into the Intel AMT device, an attacker could try to send malformed packets in an attempt to compromise the system (e.g., buffer overruns).
In order to prevent this type of vulnerability, Intel has performed extensive code review and testing with third-party and internally developed tools, as well as conducting intrusion testing with the help of internal and external experts. These activities have helped to make Intel AMT systems extremely resistant to attack.

Intel AMT Account Permissions

Intel AMT hardening includes a security model that allows implementers to create accounts with various levels of privileges on the management network. For example, monitoring tools can be set up with accounts that provide a relatively low level of access, enabling administrators to tighten security while allowing everyday activities to be carried out without interference. Strong passwords are required, which makes it difficult for intruders to carry out successful brute-force attacks to gain access. When creating a user account on Intel AMT, you can specify whether the user can log into the local interface, the remote interface, or both.

The following table lists the basic privileges that are available to user accounts, along with illustrations of the types of privileges that might be assigned to accounts with different roles within the organization:

Available Privileges      Sample Monitoring Account Privileges      Sample Repair and Support Personnel Privileges
Redirection               HardwareAsset                             Redirection
PTAdministration          EventManager                              HardwareAsset
HardwareAsset             Storage                                   RemoteControl
RemoteControl             AgentPresenceRemote                       StorageAdmin
StorageAdmin              GeneralInfo                               Storage
EventManager                                                        FirmwareUpdate
Storage                                                             GeneralInfo
AgentPresenceLocal                                                  CircuitBreaker
AgentPresenceRemote
FirmwareUpdate
GeneralInfo
NetworkTime
CircuitBreaker

As the table suggests, it is relatively simple to limit access by a monitoring account, for example, following the good standard security practice of providing only the level of system access that is actually needed to perform a given function.
Management Firmware Image Protection

The primary goal of Management Engine firmware security is to ensure that only Intel-approved firmware images can run on the Intel AMT subsystem hardware, and that only IT administrators can apply approved Intel firmware update images. Intel AMT checks the signature of firmware updates before applying them; firmware must be signed by Intel before it can be loaded.

As part of system manufacture, a Firmware Signing Key (FWSK) public/private pair is generated at a secure Intel location, using the Intel Code Signing System. The private FWSK is stored securely and confidentially by Intel. The Intel AMT ROM includes a SHA-1 hash of the public key, which is an RSA key with a fixed 2048-bit modulus. Each approved production firmware image is digitally signed by Intel with the private FWSK. The public FWSK and the digital signature are appended to the firmware image manifest.

At runtime, a secure boot sequence is accomplished by the boot ROM verifying that the public FWSK on Flash is valid, based on the hash value in ROM. The ROM then validates the firmware image that corresponds to the manifest's digital signature using the public FWSK, and if successful, the system continues to boot from Flash code.

Layer 2: Privacy in Machine-to-Machine Communication

In Intel AMT Enterprise mode, TLS is used to protect the integrity and privacy of all communications over the management network, including Serial-over-LAN (SoL) and IDE-Remoting (IDE-R) sessions. Even if an attacker manages to put a packet sniffer on the internal network, it is highly unlikely that any data will be compromised, providing another layer of confidence to decision makers, system administrators, and security analysts. Optionally, mutually authenticated TLS can be used to enhance security even further by requiring both parties to present certificates.
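The secure boot chain described above under Management Firmware Image Protection (the ROM holds only a SHA-1 hash of the 2048-bit public FWSK, the manifest carries the public key and Intel's signature, and the boot ROM checks the key hash before checking the signature over the image), as an added Go example that is not Intel's firmware code. The signature scheme (RSA PKCS#1 v1.5 over SHA-1), the manifest layout and the RunScenario helper are assumptions for illustration; the keys are generated on the fly as stand-ins for Intel's FWSK.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/x509"
	"errors"
	"fmt"
)

// Manifest is what ships with the image: the public FWSK and Intel's signature (assumed RSA PKCS#1 v1.5 over SHA-1).
type Manifest struct {
	Image     []byte
	PublicKey []byte // DER (PKIX) encoding of the public FWSK, stored in Flash
	Signature []byte
}

// BootROM is the immutable trust anchor: it holds only a SHA-1 hash of the public FWSK.
type BootROM struct{ PublicKeyHash [sha1.Size]byte }

// NewBootROM derives the ROM hash from the public FWSK at manufacture time.
func NewBootROM(pubDER []byte) BootROM { return BootROM{sha1.Sum(pubDER)} }

// Verify is the two-step secure boot check: the key found in Flash must hash to the ROM
// value, and the manifest signature must verify over the image under that key.
func (rom BootROM) Verify(m Manifest) error {
	if sha1.Sum(m.PublicKey) != rom.PublicKeyHash {
		return errors.New("public FWSK in Flash does not match the hash in ROM")
	}
	pub, err := x509.ParsePKIXPublicKey(m.PublicKey)
	if err != nil {
		return fmt.Errorf("malformed public FWSK: %w", err)
	}
	rsaPub, ok := pub.(*rsa.PublicKey)
	if !ok || rsaPub.N.BitLen() != 2048 {
		return errors.New("public FWSK is not a 2048-bit RSA key")
	}
	digest := sha1.Sum(m.Image)
	if err := rsa.VerifyPKCS1v15(rsaPub, crypto.SHA1, digest[:], m.Signature); err != nil {
		return fmt.Errorf("firmware image signature invalid: %w", err)
	}
	return nil
}

// SignFirmware stands in for the signing step at Intel: sign the image and emit its manifest.
func SignFirmware(priv *rsa.PrivateKey, image []byte) (Manifest, error) {
	pubDER, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return Manifest{}, err
	}
	digest := sha1.Sum(image)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA1, digest[:])
	if err != nil {
		return Manifest{}, err
	}
	return Manifest{Image: image, PublicKey: pubDER, Signature: sig}, nil
}

// RunScenario walks the chain with constructed keys and returns the verdicts for a genuine image,
// a tampered image, and an image re-signed with an attacker's own key (valid signature, wrong key).
func RunScenario() (genuine, tampered, rogue error) {
	fwsk, err := rsa.GenerateKey(rand.Reader, 2048) // constructed stand-in for Intel's FWSK
	if err != nil {
		return err, err, err
	}
	m, _ := SignFirmware(fwsk, []byte("constructed firmware image bytes"))
	rom := NewBootROM(m.PublicKey)
	genuine = rom.Verify(m)
	bad := Manifest{Image: append([]byte(nil), m.Image...), PublicKey: m.PublicKey, Signature: m.Signature}
	bad.Image[0] ^= 0xff // one corrupted byte in the image breaks the signature
	tampered = rom.Verify(bad)
	rogueKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	forged, _ := SignFirmware(rogueKey, bad.Image)
	rogue = rom.Verify(forged) // rejected at step one: the key does not hash to the ROM value
	return genuine, tampered, rogue
}
```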
Mutually authenticated TLS can be somewhat complex to set up, but it allows for very high security using certificates in addition to passwords.

Intel AMT Authentication

Authentication is used throughout the infrastructure to prevent intrusion. For example, in order for a wake-up packet (sent at night to wake a system) to work, it has to authenticate. Each Intel AMT device must be provisioned with at least one username/password pair, preferably unique. Because it is difficult to guarantee uniqueness, Intel AMT systems support Kerberos integration with Windows* domain authentication. This mechanism is based on a well-accepted set of Internet standards, including Kerberos v5 (RFC 1510), GSS-API (RFC 1964), and SPNEGO (RFC 2478). This approach simplifies user ID management by using the group-based Windows authorization approach, rather than placing responsibility for creating a new approach on administrators. IT administrators are allowed or denied privileges to manage Intel AMT devices based on their group memberships in Active Directory.

Network and Local Host Traffic Security

Network security is provided by TLS, and XML-encoded messages are encapsulated in SOAP over HTTP. TLS mutual authentication is carried out using the cipher suites TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_RC4_128_SHA, and TLS_RSA_WITH_NULL_SHA (export/import), with RSA certificates and keys (2048-bit modulus) generated off-line and provisioned. Mutual authentication is required by means of preinstalled certificates on both the client and server.

Third-party data storage (3PDS) is provided by Intel AMT as a secure, persistent data store in Flash for third-party management applications, secured by Access Control Lists (ACLs) and accessible even if the system is powered down or has a non-functioning operating system. Local traffic between 3PDS and the management agent is carried out over SOAP/TLS. The local interface is aligned with network interface security.
Command Path Security utilizes security mechanisms contained in the local and remote OS network stacks (i.e., TLS with mutual authentication) to secure the path over which an application's storage commands travel. Access to administrative commands is controlled by a separate HTTP authentication ACL (StorageAdministration). Access to registration and storage commands is controlled by another separate HTTP authentication ACL (Storage).

Physical protection and isolation of the Flash device is provided by the chipset hardware. Because Flash devices provide a limited number of write cycles (~100K operations per 4Kb Flash block), the chipset also provides mechanisms to detect and prevent Flash wear-out, as well as to prevent Flash wear-out attacks by malware and non-partner applications. This functionality is augmented by mechanisms to prevent Application ID masquerade attacks (ID/interface binding).

Wireless Security

The Intel AMT wireless management interface does not support open wireless networks, nor does it support Wired Equivalent Privacy (WEP). Use of Intel AMT wireless connectivity typically requires the use of security included in or related to the 802.11i specification, such as Wi-Fi Protected Access (WPA) or Robust Security Network (RSN). It optionally supports 802.1x authentication. Wireless Intel AMT functionality also requires the use of strong passwords. These security decisions were made by Intel to protect the customer.

Note: Initial setup is possible over the wired interface only, because the Intel AMT device must be manually associated with a wireless network.

Layer 3: Intel AMT Capabilities to Guard against Viruses and Other Threats

Administrators can monitor for specific types of traffic using network heuristics that detect security-relevant events and send notifications or take other actions, according to corporate policy.
Network filters and policies are used to rate-throttle, monitor, and filter packets at the hardware level. These operations can be carried out at various granularities (e.g., per port or IP address), independently of the operating system. That makes these filters and policies extremely resistant to tampering by viruses, trojans, worms, or rootkits.

Administrators can configure the management console to check that the computer is present on the network and is not an imposter. In fact, monitoring of that sort can be conducted at finer levels of granularity as well. For example, it is possible to set up alerts for events such as a hard drive being replaced, and a chassis-intrusion switch can identify the fact that a case has been opened.

Software Version Compliance

Intel AMT helps to ensure that all platforms in an enterprise are compliant with corporate requirements related to operating system patches, software versions, virus signatures, etc. Out-of-band polling helps to minimize the impact of platforms not being visible on an in-band, down-the-wire basis, which traditionally complicates efforts to avoid the risks associated with outdated software, such as runtime errors, viruses, and malware attacks. Intel AMT also helps to remove issues associated with user non-compliance (e.g., user removal of software agents). Platforms that are powered off can be audited out-of-band and turned on using Intel AMT to install virus signature files and anti-virus engine updates.

Intel AMT enables support organizations to significantly improve the accuracy, speed, and efficiency of security updates (e.g., software patches and anti-virus signatures) by auditing regardless of operating-system health or power state. Downtime, data loss, platform instability, and repair hours are reduced by updating platform software during periods of low usage, which helps prevent infection of otherwise-unprotected systems.
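The hardware-level filters described at the start of this section (rate-throttle, monitor and filter per port or IP address, with rules keyed on source and destination address, port and protocol and the drop, alert or pass-through outcomes of the Network Outbreak Containment filters in the next section), modelled as an added Go example that is not Intel's firmware code. The Packet, Rule and Filter types, the fixed-window throttle and the sample policy for host 192.0.2.10 are constructed for illustration.

```go
package main

import (
	"fmt"
	"time"
)

// Verdict mirrors the paper's three outcomes: pass through, alert IT, or drop.
type Verdict string

const (
	Pass  Verdict = "pass"  // forward, no action
	Alert Verdict = "alert" // forward, but notify the management console
	Drop  Verdict = "drop"  // discard and notify the management console
)
// Packet carries the five points of data the filters compare against rules.
type Packet struct {
	SrcIP, DstIP     string
	SrcPort, DstPort uint16
	Proto            string // "tcp", "udp", ...
}

// Rule is a preset pattern plus verdict; "" or 0 in Match is a wildcard.
type Rule struct {
	Name    string
	Match   Packet
	Verdict Verdict
	Limit   int           // rate throttle: max matches per Window (0 = off)
	Window  time.Duration
}

func (r Rule) matches(p Packet) bool {
	m := r.Match
	return (m.SrcIP == "" || m.SrcIP == p.SrcIP) && (m.DstIP == "" || m.DstIP == p.DstIP) &&
		(m.SrcPort == 0 || m.SrcPort == p.SrcPort) && (m.DstPort == 0 || m.DstPort == p.DstPort) &&
		(m.Proto == "" || m.Proto == p.Proto)
}

// Filter evaluates rules in order (first match decides) and tracks throttle windows and alerts.
type Filter struct {
	Rules  []Rule
	starts map[string]time.Time // start of the current throttle window, per rule
	counts map[string]int       // matches seen inside that window
	Alerts []string             // messages destined for the management console
}

// Inspect returns the verdict for one packet observed at time now.
func (f *Filter) Inspect(p Packet, now time.Time) Verdict {
	if f.starts == nil { // lazy init, so Filter{Rules: ...} is ready to use
		f.starts, f.counts = map[string]time.Time{}, map[string]int{}
	}
	for _, r := range f.Rules {
		if !r.matches(p) {
			continue
		}
		v := r.Verdict
		if r.Limit > 0 {
			if s, ok := f.starts[r.Name]; !ok || now.Sub(s) >= r.Window {
				f.starts[r.Name], f.counts[r.Name] = now, 0 // open a fresh window
			}
			if f.counts[r.Name]++; f.counts[r.Name] > r.Limit {
				v = Drop // throttled: traffic above the limit is discarded
			}
		}
		if v != Pass {
			f.Alerts = append(f.Alerts, fmt.Sprintf("%s: %s %s:%d -> %s:%d/%s",
				r.Name, v, p.SrcIP, p.SrcPort, p.DstIP, p.DstPort, p.Proto))
		}
		return v
	}
	return Pass // no rule matched: default pass-through
}

// SampleRules is a constructed policy for host 192.0.2.10: drop inbound SMB, throttle outbound mail.
func SampleRules() []Rule {
	return []Rule{
		{Name: "block-inbound-smb", Match: Packet{DstIP: "192.0.2.10", DstPort: 445, Proto: "tcp"}, Verdict: Drop},
		{Name: "throttle-outbound-smtp", Match: Packet{SrcIP: "192.0.2.10", DstPort: 25, Proto: "tcp"}, Verdict: Pass, Limit: 5, Window: time.Second},
	}
}
```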
Hardware-Based Isolation and Recovery

In an environment enabled by Intel AMT, day-zero inbound and outbound virus protection benefits from Network Outbreak Containment filters that scan incoming and outgoing network traffic, regardless of operating-system or virus-protection agent state, for suspicious behavior by comparing five points of data (source and destination IP addresses and port numbers, as well as protocol type) against preset rules. These filters are configurable via third-party console applications, which govern whether traffic identified as suspicious is dropped, alerted to the IT organization, or passed through (no action). Depending on the IT policy setup, filters can be programmed to protect the system from receiving or transmitting malware, resulting in reduced support calls and increased user productivity.

In order to reduce network exposure, the IT organization can detect suspicious activity at a node or series of nodes via alerts sent to a central control console. It can send real-time updates via the out-of-band channel to suspected nodes to block the suspicious traffic (allowing the user to remain connected and active with only the malware blocked) and update unaffected nodes with additional filter criteria. While a platform is in quarantine, console software can clean the system of malware, viruses, etc. using either a specific dedicated port or SoL/IDE-R to boot the system to a known good image for remediation.

Presence Checking of User Partition Agents

Intel AMT-enabled third-party software agents in the user environment register with the Intel AMT firmware. Once they are registered, the third-party management-console software checks for user agent presence on a periodic basis determined by corporate policy. The polling is performed locally and does not impact network performance, which allows agent checks to be performed more frequently.
For example, the Intel AMT firmware can check to see whether user environment agents are present every 10 seconds. If agents don't respond to the poll, an alert is sent to the management console. Once the alert is received, the console takes appropriate action based on company policy, which can reduce the number of support calls received to remedy the effects of agent removal. This action can include utilizing Intel AMT system defense features to isolate the system from the network while leaving a port open to allow the console to force a reinstall of the disabled agent.

Endpoint Access Control

At every connection or on demand, a client system's profile can be surveyed in a trusted manner. The "system posture" (including credentials, configuration, and system data) is compared to requirements set by corporate policy, and if the system doesn't meet minimum standards, the Policy Decision Point (PDP) conveys a health assessment for the system and limits or denies network access. If network access is restricted, a user notification is displayed to convey to the end user that normal network operation will be delayed until remediation is complete. The system is then redirected to a software configuration system or network for upgrading to minimum profiles. Rogue systems plugged into the network are identified by this mechanism, and their access is limited based on policy. Requiring full authentication and posture checking before allowing network access can greatly reduce the potential for malware to propagate onto the system, allowing administrators to ensure that all systems meet current policies and to prevent rogue or visitor systems from gaining unauthorized network access.

Provisioning Options to Balance Security with Simplicity

As in any computing environment, Intel AMT necessitates certain strategic decisions balancing security with simplicity.
Intel AMT is designed to enable network administrators to implement the technology with the degree of security that meets their needs, striking an individual balance between security and convenience. That is, management networks based on Intel AMT can be set up to be extremely secure, or, at the administrator's option, they can be simplified to some degree in order to make them easier to set up and manage. A great deal of design effort has gone into enabling the implementation of high security without undue complexity, as well as into making the minimum security requirements stringent enough for many mainstream implementations.

One key security mechanism that cannot be overridden is the need for the party setting up client machines to prove that they are authorized to do so. This requirement applies to all systems, regardless of other security decisions made by network administrators. The potential complexity of that requirement is reduced by the use of setup and configuration tools such as USB keys for one-touch enterprise configuration, certificate-based setup for remote configuration, and a web interface for Small/Medium Business (SMB) setup. It is also difficult by design to reverse the system setup of Intel AMT devices. Doing so requires opening up the case and changing a jumper on a desktop, or disconnecting the backup battery on a laptop.

To help prevent an adversary from using a rogue provisioning server to illegitimately re-provision Intel AMT devices, the server uses its fully qualified domain name and a corresponding trusted root certificate to identify itself to the client. This measure provides a level of security so long as the enterprise's DHCP infrastructure has not been compromised. In order to prevent a rogue Intel AMT device from impersonating a legitimate workstation and potentially receiving confidential information from the provisioning server, the provisioning server may optionally authenticate Intel AMT devices using a one-time password.
SMB Mode versus Enterprise Mode

Intel AMT has two configuration modes: Enterprise and SMB. One key difference from a security perspective is that Enterprise mode uses TLS, which is not supported by SMB mode. Enterprise mode is recommended for organizations of all sizes because it is more secure than SMB mode. It does require an added degree of complexity, including a separate setup and configuration server, whereas in SMB mode client machines can be set up and configured by accessing the Management Engine through an integrated web server.

Within Enterprise mode, two main categories of setup options are possible: one-touch or remote (zero-touch) configuration. These two setup categories offer another tradeoff between convenience and security. One-touch configuration is the more secure setup option, while remote configuration is more convenient. In one-touch configuration, an IT administrator must be in physical proximity to each client machine for at least part of the setup, in order to provide credential information generated by the setup and configuration server to the client machine, either by booting from a specially prepared USB key or by manually entering the information into the BIOS screens.

One-Touch Configuration versus Remote Configuration

While one-touch configuration is the most secure option, remote configuration can be made relatively secure. One-touch configuration requires a strong password in order to protect against imposters. Remote configuration provides similar functionality using certificates. Theoretically, one could obtain a dummy certificate and build an imposter server. This eventuality is guarded against by the non-repudiation put in place by all accepted Certificate Authorities (CAs, e.g., VeriSign), which would allow the person who obtained the erroneous certificate to be tracked and identified.
In remote configuration, Public Key Infrastructure using Certificate Hashes (PKI-CH) is used as a handshaking protocol between the Intel AMT device and the setup and configuration server. The Intel AMT device creates a self-signed certificate to be used as a TLS server certificate, for configuration purposes only. In order to support the creation of that certificate, the Intel AMT device holds a list of hashes of root certificates from accepted CAs, as defined by Intel. The list is used to verify the configuration server certificate. Intel AMT accepts wildcard domain names (e.g., *.intel.com) in the Common Name (CN) field of the configuration server certificate. The configuration server must use a server certificate issued specifically for Intel AMT configuration usage, and that certificate must be signed by one of the root certificates of the CAs on the accepted CA list mentioned above. Finally, the configuration server must accept the use of self-signed certificates.

The list of Certificate Hashes (CHs) pre-configured in the Intel AMT device is defined by the manufacturer, and there is room for up to 20 CHs. One of those CHs can be marked for use, disallowing use of the others. Additional CHs can be configured by system administrators within the end-user organization, using a USB Flash key or manually using the Intel AMT setup screen. However the trusted certificates are loaded, once installed on a network, Intel AMT will try to find the configuration server, authenticate it, and get its configuration from it.

Administrators may choose to have the network management console create a one-time password (OTP) that allows the configuration server to authenticate the Intel AMT device. The OTP can either be set in-band (through the network interface) by the client management software agent, or else it can be set in the BIOS as a one-touch measure. If used, the OTP is checked during the authentication handshake.
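The configuration-server checks described in this section (the chain's root certificate hash against the CH list of up to 20 entries with one optionally marked for use, a wildcard CN such as *.example.com, and the DNS-suffix comparison that the Configuration Server Domain Confirmation below performs against the DHCP-discovered domain and an administrator-supplied FQDN), as an added Go example that is not Intel's code. The TrustedHashes and ServerIdentity types, Validate, and the root-certificate bytes in main are constructed for illustration; no real certificates are parsed.

```go
package main

import (
	"crypto/sha1"
	"fmt"
	"strings"
)

// TrustedHashes models the CH list: up to 20 SHA-1 hashes of accepted root
// certificates, of which one may be marked as the only entry allowed for use.
type TrustedHashes struct {
	Hashes []string // hex SHA-1 of each root certificate (DER)
	Active int      // index of the marked hash, or -1 when any entry may be used
}

// ServerIdentity is what the device sees in the configuration server's TLS chain.
type ServerIdentity struct {
	RootCertDER []byte // root certificate the server's chain ends in
	CommonName  string // CN of the server certificate; may be "*.domain"
}

// RootHash is the CH form of a root certificate: hex SHA-1 over its DER bytes.
func RootHash(der []byte) string { return fmt.Sprintf("%x", sha1.Sum(der)) }

// dnsSuffix strips the host label: "scs.example.com" -> "example.com".
func dnsSuffix(name string) string {
	i := strings.IndexByte(name, '.')
	if i < 0 {
		return ""
	}
	return strings.ToLower(name[i+1:])
}

// cnCoversSuffix reports whether a CN, plain or "*.domain", lies in suffix.
func cnCoversSuffix(cn, suffix string) bool {
	cn = strings.ToLower(cn)
	if strings.HasPrefix(cn, "*.") {
		return cn[2:] == suffix
	}
	return dnsSuffix(cn) == suffix
}

// Validate applies the paper's checks in order: the chain's root must hash to an
// allowed CH, the certificate CN must lie in the DHCP-discovered domain
// (dhcpDomain), and when an FQDN was supplied in advance both must match it too.
func Validate(th TrustedHashes, id ServerIdentity, dhcpDomain, expectedFQDN string) error {
	if len(th.Hashes) == 0 || len(th.Hashes) > 20 {
		return fmt.Errorf("certificate hash list holds %d entries, want 1..20", len(th.Hashes))
	}
	got, trusted := RootHash(id.RootCertDER), false
	for i, h := range th.Hashes {
		if (th.Active < 0 || i == th.Active) && strings.EqualFold(h, got) {
			trusted = true
			break
		}
	}
	if !trusted {
		return fmt.Errorf("root certificate hash %s is not an allowed CH", got)
	}
	suffix := strings.ToLower(dhcpDomain)
	if suffix == "" || !cnCoversSuffix(id.CommonName, suffix) {
		return fmt.Errorf("certificate CN %q is not in DHCP domain %q", id.CommonName, dhcpDomain)
	}
	if expectedFQDN != "" {
		want := dnsSuffix(expectedFQDN)
		if want != suffix || !cnCoversSuffix(id.CommonName, want) {
			return fmt.Errorf("expected server %q disagrees with DHCP domain %q / CN %q", expectedFQDN, dhcpDomain, id.CommonName)
		}
	}
	return nil
}

func main() {
	root := []byte("constructed root CA certificate DER") // placeholder bytes, not a real certificate
	th := TrustedHashes{Hashes: []string{RootHash(root)}, Active: -1}
	fmt.Println("genuine server:", Validate(th, ServerIdentity{root, "*.example.com"}, "example.com", "scs.example.com"))
	fmt.Println("untrusted root:", Validate(th, ServerIdentity{[]byte("rogue root"), "*.example.com"}, "example.com", ""))
	fmt.Println("wrong domain:", Validate(th, ServerIdentity{root, "*.other.test"}, "example.com", ""))
}
```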
Use of the OTP prevents an adversary from masquerading as a valid Intel AMT device in order to obtain Intel AMT configuration information.

Configuration Server Domain Confirmation

Another security measure is the verification of the configuration server domain by the Intel AMT device, which compares the DNS suffix it discovers from the DHCP server against that of the CN of the configuration server. This process serves to ensure that the configuration server is part of the correct domain. While this protection depends upon the security and integrity of the DHCP infrastructure, guarding the DHCP infrastructure from attack does not require additional effort with respect to the implementation of Intel AMT, since network administrators must have this protection in place in any event. Further, the Intel AMT device records the configuration server's fully qualified domain name (FQDN) and hash in a read-only configuration record, which assists IT in detecting and tracking rogue configuration attempts.

Administrators can provide the configuration server's FQDN to the Intel AMT device in advance of configuration. The Intel AMT device can then use that FQDN to verify that the discovered DNS suffix matches the FQDN DNS suffix. It can also use the FQDN to verify that the DNS suffix of the CN of the configuration server certificate matches the FQDN DNS suffix.

Conclusion

Intel AMT provides both robust native hardening and the ability to tailor security to the individual needs of the organizations that implement it. The security built into the technology is based on commonly accepted industry-standard protocols and techniques, which are typically familiar to security-minded network administrators. Thus, the secure implementation of Intel AMT is not only greatly aided by the inherent security of its design; the concepts required are also a logical extension of measures that are likely to already be in place within many organizations.
Additional Resources

The following materials provide a point of departure for further research on this topic:

Intel AMT Architecture Guide provides in-depth descriptions of the identities and roles of the components of the overall Intel AMT architecture.
Intel Manageability Community is a core developer resource for manageability technologies from Intel. It provides tools, documentation, use cases, blogs, and user forums.
Intel AMT Technology & Research provides in-depth information about the hardware and software features and capabilities that underlie Intel AMT.
Intel AMT Technology Brief provides a concise overview of the technology from a business perspective, with a focus on features and benefits to IT organizations and software vendors.