CASE STUDY Intel® Trusted Execution Technology Private Cloud

Deploying Intel® Trusted Execution Technology to Enable a Trusted Private High Performance Cloud

DuPont is one of the world’s most dynamic science companies with a global footprint of over 70,000 employees in 90 countries. Its core science has a 212-year-old track record of delivering innovative products and materials, many with household names such as ®, Teflon®, ®, and Corian®. To enable the continued development of new approaches and discovery vehicles, DuPont is increasingly relying on a diverse modeling and simulation environment to provide key insights into the discovery process. The need to enable a secure, robust, and dynamic computing environment became clear, and so a partnership was forged with Intel to develop the foundation for a secure high performance computing cloud.

DuPont’s research and development global footprint encompasses over 150 R&D facilities, with more than 9,500 scientists and engineers engaged in virtually every field of scientific endeavor. In 2011,¹ nearly $2 billion was allocated to further the research and development of DuPont’s next generation of products and services.

With research areas ranging from nanotechnology and alternative energy to plant genetics, DuPont R&D is taking aim at those societal problems such as feeding the planet, providing alternative and clean energy, protecting the environment, and making the world a safer place.

The complexity of a multi-domain focused, global research initiative presents unique challenges for managing the data and infrastructure to enable collaboration and sharing, while also adhering to those governmental regulations applicable to the various data types. It was decided that the future state architectural design of this environment must be based on a dynamic, yet cost-effective capability, that provides an efficient mechanism to ensure 100 percent compliance with regulatory and security standards.
Designing a Trusted Infrastructure

Technical computing encompasses both the need for ever-increasing computer resources, coupled to a data management framework that provides performance, regulatory, licensing, and security targets. Key requirements included:

• A high performance infrastructure-as-a-service model: R&D projects might last from days to years, so DuPont needed a platform that could quickly spin up infrastructure on demand, based on OS, capacity and performance requirements. Of equal importance is the ability to quickly return those resources to the pool once projects are complete.

• Compliance and security: DuPont operates in a number of countries, and therefore needed a framework that was aligned with existing compliance and security policies and supported by auditing and reporting tools. Security and intellectual property protection is core to all computational efforts and these must comply with internal and external regulations.

To meet DuPont R&D’s unique needs, the Information and Computing Technologies (I&CT) group in DuPont Central Research and Development (CR&D) set out to create a cloud solution that provided the R&D community the elasticity it needed, while maintaining strict governmental and security compliance. Once secure environments were built, DuPont deployed Intel® Trusted Execution Technology (Intel® TXT) to ensure that the computing pools remained trusted, based on the original configurations across both Linux and Windows operating environments.²

Powering DuPont’s R&D Cloud with Intel® Xeon® Processors

DuPont CR&D built its cloud foundation on 32-core Dell PowerEdge* R910 servers equipped with Intel® Xeon® processor 7500 series.

Building Trusted Compute Pools with Intel® TXT

Today, data security is at the forefront of most organizations, regardless of business focus. DuPont’s research and development efforts required a uniquely hardened infrastructure that complied with both project and regional “geo-fenced” boundaries to ensure sensitive or regulated data was managed according to applicable policies. To help meet these demands, DuPont employed Intel® TXT-enabled Dell PowerEdge servers, coupled with cloud management software from a leading ISV to create policy-driven trusted compute pools that provided the necessary geo-fencing for the environments.

Intel TXT is a set of security enhancements built into select Intel® Xeon® processors and chipsets that creates a root of trust that extends from the hardware to the software stack, including the BIOS, firmware, and hypervisor or operating system. Intel TXT validates the configuration and behavior of server hardware and software against a known good sequence in a tamper-resistant environment at startup, which helps prevent attacks such as BIOS and firmware update attacks, reset attacks, and rootkit hypervisors that would compromise platform integrity and trustworthiness. For example, if an attacker managed to install a rootkit on an Intel TXT-enabled platform, systems management software can use security information provided by Intel TXT to identify the compromised server and then isolate it using automated policies.

The trust information provided by Intel TXT affords additional value when migrating instances between hosts in either a virtualized or cloud environment. Research operations require that sensitive virtual machine instances are isolated to run only on trusted, high integrity hosts within their cloud. DuPont CR&D’s cloud management platform lets administrators create Intel TXT-verified trusted compute pools, and then create policies that restrict virtual machines from migrating among trusted and untrusted hosts and vice versa.

Administrators also have the ability to create trusted application templates that ease deployment of new resources while maintaining security, compliance, and software licensing requirements. When an R&D project requires new resources, I&CT administrators can rapidly establish template-based resources in the cloud that are protected by security policies.

The combination of advanced execution control and sound security allows DuPont to protect and isolate sensitive workloads from potentially harmful attacks while easing virtual machine management, which gives administrators numerous management benefits while increasing the security profile of the environment.

Enabling Data and Application Geo-fencing

Private clouds let organizations more fully leverage infrastructure resources across business units, helping to reduce costs, increase uptime, and simplify systems management. These clouds also can provide for robust disaster-recovery options, such as migrating virtual machines between machines, VM Farms or even in regionally dispersed data centers helping to balance workloads among multiple sites, or move mission-critical virtual machines in the event of a disaster.

But what if your virtual machines contain highly sensitive information that must remain within a country’s borders, or applications whose licensing policies restrict the software’s use to a specific site? Traditional physical isolation of applications can be difficult in a virtualized cloud environment.

Geo-location-based migration, combined with Intel TXT, lets DuPont CR&D create migration policies that restrict virtual machine migration to trusted servers located in specific geographic areas. DuPont cloud management software enabled administrators to specify policies that established application-specific compute pools based upon geographic zones, thus restricting virtual machine migration to trusted hosts outside of those zones.

Auditing and Compliance Reporting

Intel TXT complements traditional auditing and compliance reporting tools. By restricting virtual machine migration and geographic location through policy-driven cloud management tools, administrators have better insight into where sensitive workloads run, and better control over how new virtual machines are introduced into the infrastructure. And Intel TXT provides a hardware-based infrastructure for reporting and auditing some of these control aspects—which is beneficial in increasingly virtualized, global scale environments.

Intel® TXT: Security and Flexibility without Compromise

DuPont’s research-oriented high-performance cloud was readily built using standard technologies, including the use of Intel TXT to help establish the concept of trusted platforms. This unique cloud service provides DuPont R&D with the highly leveraged, on-demand resources it needs to support the growth in modeling, simulation, informatics and analytics while increasing the security and compliance capabilities within the data center.

AT A GLANCE: INTEL® TXT

Intel® Trusted Execution Technology (Intel® TXT) creates a unique foundation of trust that is rooted in the hardware and extends to other areas of the infrastructure. It provides a launch environment that cryptographically measures server hardware and software elements in the launch environment against known good values that are stored within a protected memory area.

At startup, Intel TXT assigns each element in the launch environment a cryptographically unique identifier. These identifiers are then compared with the known good identifiers. If the values align, the boot process continues in a trusted state. If the values do not align, the platform boots into an untrusted state. Systems management software can then detect the platform’s untrusted status and take appropriate actions.

At the hardware level, Intel TXT provides:

• A protected execution and memory space where sensitive data can be processed.

• Sealed storage to shield encryption keys and other secrets.

• Verified launch, which enables launch of the measured launch environment into a known good state, with changes detected through cryptographic measurements.

• Attestation, which confirms that a system has correctly invoked the trusted execution environment and enables verified measurement of software running in it.
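The measured-launch comparison and the trusted, geo-fenced compute pool policy described above can be modelled in a few lines. This is an added example, not code from Intel, DuPont or the cloud management product; the hash-chain "extend" model, the field names, host names and zones are all assumptions made for illustration.

```python
import hashlib
import hmac

def extend(register: bytes, element: bytes) -> bytes:
    """Fold one launch element into the register: H(register || H(element))."""
    return hashlib.sha256(register + hashlib.sha256(element).digest()).digest()

def measure_launch(elements) -> bytes:
    """Measure ordered launch elements; a change in content or order alters the result."""
    register = bytes(32)
    for element in elements:
        register = extend(register, element)
    return register

def is_trusted(host: dict, known_good: bytes) -> bool:
    """Trusted only if the reported measurement equals the known good value."""
    return hmac.compare_digest(host["measurement"], known_good)

def eligible_hosts(vm: dict, hosts: list, known_good: bytes) -> list:
    """Names of hosts the VM may be placed on or migrated to under its policy."""
    names = []
    for host in hosts:
        if vm["requires_trusted"] and not is_trusted(host, known_good):
            continue  # untrusted launch: keep sensitive workloads off this host
        if host["zone"] not in vm["allowed_zones"]:
            continue  # geo-fence: host sits outside the permitted zones
        names.append(host["name"])
    return names

# Constructed sample data (hypothetical element names, hosts and zones).
GOOD_STACK = [b"bios-1.4", b"firmware-2.0", b"hypervisor-5.1"]
MODIFIED_STACK = [b"bios-1.4", b"firmware-2.0", b"hypervisor-5.1-modified"]
KNOWN_GOOD = measure_launch(GOOD_STACK)
HOSTS = [
    {"name": "host-a", "zone": "US", "measurement": measure_launch(GOOD_STACK)},
    {"name": "host-b", "zone": "US", "measurement": measure_launch(MODIFIED_STACK)},
    {"name": "host-c", "zone": "DE", "measurement": measure_launch(GOOD_STACK)},
]
SENSITIVE_VM = {"name": "sim-01", "requires_trusted": True, "allowed_zones": {"US"}}
GENERAL_VM = {"name": "web-01", "requires_trusted": False, "allowed_zones": {"US", "DE"}}

if __name__ == "__main__":
    # In a deployment the measurement would arrive in a signed attestation
    # report; here each host's value is simply constructed.
    print(eligible_hosts(SENSITIVE_VM, HOSTS, KNOWN_GOOD))
    print(eligible_hosts(GENERAL_VM, HOSTS, KNOWN_GOOD))
```

The sensitive VM is confined to the one host that is both trusted and in its zone, while the general VM may still land on the host whose launch measurement no longer matches.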

To find out how Intel® Trusted Execution Technology can help secure your infrastructure, contact your hardware vendor today, or visit www.intel.com/txt.


¹ DuPont 2011 Annual Review

² No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology (Intel® TXT) requires a computer with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). Intel TXT also requires the system to contain a TPM v1.s. For more information, visit www.intel.com/go/inteltxt.

INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL’S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. UNLESS OTHERWISE AGREED IN WRITING BY INTEL, THE INTEL PRODUCTS ARE NOT DESIGNED NOR INTENDED FOR ANY APPLICATION IN WHICH THE FAILURE OF THE INTEL PRODUCT COULD CREATE A SITUATION WHERE PERSONAL INJURY OR DEATH MAY OCCUR. Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked “reserved” or “undefined.” Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information. The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request.
Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order. Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling 1-800-548-4725, or by visiting Intel’s Web site at www.intel.com. Copyright © 2013 Intel Corporation. All rights reserved. Intel, Xeon, the Xeon badge, and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others. Printed in USA 0413/KB/PRW/PDF Please Recycle 328527-002US