The first principle of the concept Intel calls Intelligent Desktop Virtualization is centralized management/local execution. Intel’s two other IDV precepts—synchronized images and hardware authentication--are deeply rooted in its processor support for virtualization.
Intel’s lead in virtualization silicon dates back more than five years to its Virtualization Technology (VT-x), code named Vanderpool. Advanced Micro Devices followed on Intel’s heels with its own version, AMD-V, code named Pacifica. Both extended the X86 instruction set to handle system calls to the hypervisor more efficiently, ARM is adding similar first-generation virtualization support in its A-15 Eagle core.
More recently, Intel has extended its hardware support for virtualization with its vPro offering, which adds two further dimensions to VT-x: active management technology (AMT) and Trusted Execution Technology (TXT).
VT-x allows virtualization of processors, memory and I/O, facilitating the efficient running of hypervisors that permit multiple operating systems to run without rebooting. VT-x also assists hypervisors in creating isolated computing environments that increase security, since a breach in one cannot become a back door to all.
AMT supports the second principle of IDV, synchronized images, by adding the ability to manage OS and application layers remotely.
“Users want the ability to almost instantly compose an image,” said Dinesh Rao, director of Intel’s ISV program. “What is critical to getting that right is a discipline called layering with bidirectional sync, which delivers a layered image that intelligently recreates the user’s desktop on the endpoint of choice.”
Bidirectional syncing allows a managed image to be patched and updated as necessary on a single server, then synced with users’ devices whenever they come within the range of a broadband connection. Intel’s second-generation Core processors-—Ivy Bridge and Haswell, due in 2012 and 2013, respectively-—will have architected support for layered images kept fresh with bidirectional sync. Intel’s goal is to provide the same experience to virtualization users as they’d get with a locally installed Windows OS.
TXT enables the third leg of Intel’s desktop virtualization effort by verifying each new launch environment and establishing a “root of trust” that can be passed up to higher levels. Intel hopes to use TXT in an intelligent device management scheme that adds hardware authentication similar to subscriber identity modules.
“We believe that device-native security has become indispensable to both the enterprise and the individual PC user,” said Rao. “By borrowing from cell phones the idea of a subscriber identify module—a little SIM card or something similar—the security problem can be addressed with hardware authentication, managed access, provisioning, deprovisioning, syncing and tracking of users.”
Intel is betting its next-gen Core processors, which are being built into what it calls ultrabooks, will let users have their cake and eat it, too. Ultrabooks will support touchscreens, as the iPad does, but will also sport a keyboard and the ability to run layered Windows images.
“If the endpoint you want to deliver is a Windows session, then on an iPad there is no question of bidirectional sync, because the iPad is not going to run Windows natively,” said Rao. “With the iPad, you have to use remote control protocols that are available from server-hosted virtualization vendors.”
Ultrabooks could used client-hosted virtualization to run Windows images natively. That could possibly diffuse ARM’s plans to bring Windows 8 to tablets.
Intel Capital recently said it would start a $300 million ultrabook fund to nurture the technology.
Intel promotes three aims for client-hosted virtualization—local execution, layered images and device management—supported in hardware by its VT-x, AMT and TXT, respectively. SOURCE: Intel
Click on image to enlarge.