Solution brief

New Capabilities with Citrix XenServer® and the ® Xeon® Processor E5 Family Supervisor Mode Access Prevention (SMAP) and Page Modification Logging (PML) deliver enhanced security and performance

As an IT professional, you are under New Security Capabilities Add to constant pressure to deliver a lot: an Already Strong Foundation better services, enhanced security and The more secure technologies and compliance, reduced costs, and an infrastructures become, the more infrastructure that supports workers in determined the hackers who would the office, on the road, and anywhere in exploit them get. Intel and Citrix between. You have to be confident that engineers work to help ensure that the solutions you and your team rely your enterprise has every possible on deliver every possible advantage. advantage to keep your data secure Intel and Citrix have collaborated for and hackers out. years to deliver solutions to help you Intel® Trusted Execution Technology meet the demands you face. These (Intel® TXT) is one such advantage.1 solutions can help your business It provides scalable platform easily deploy cloud technologies that security for both physical and virtual enhance security and deliver optimum infrastructures. At boot, Intel TXT performance and uptime. verifies the system BIOS, critical Intel and Citrix have a history of firmware, and ; if no issues innovation that continues with are found, the system boots into a Supervisor Mode Access Prevention trusted state. If issues are found, the (SMAP) and Page Modification system instead boots into an untrusted Logging (PML). SMAP and PML help state. This verification of trust helps you enhance security and maintain strengthen protection against certain availability and maximum performance types of attacks. for critical line-of-business (LOB) Intel TXT was first introduced as workloads. And Citrix XenServer® 7.0 a feature that could optionally be is one of the first server- enabled. With the release of the Intel platforms that takes advantage of the Xeon processor E5 v4 family, Intel SMAP and PML capabilities enabled by TXT is enabled by default. It is also the Intel® Xeon® processor E5 v4 family. accompanied by the new SMAP New Capabilities with Citrix XenServer® and the Intel® Xeon® Processor E5 Family 2

capability. SMAP works on top of Intel added SMAP code to the Citrix At-a-Glance: Intel® Xeon® Intel TXT to bring an added layer ® hypervisor in Xen Project* Processor E5 v4 Family and of protection to your enterprise’s (xenproject.org). The Citrix XenServer Citrix XenServer® 7.0 virtualized environments. engineering team then worked to ensure that SMAP was integrated Intel and Citrix collaborate to In virtualized environments without into XenServer 7.0. Enterprises that deliver cloud solutions that take SMAP, the hypervisor has full access run XenServer 7.0 on the Intel Xeon advantage of hardware-assisted to data on user pages. This access is processor E5 v4 family will be among security and provide a foundation needed for specific functionality, but it the first able to take advantage of the of trust. also provides an open door for a class SMAP capability and to access added of malware attack that lets a guest Intel® TXT provides a hardware security for virtualized environments. root of trust on platforms powered modify a pointer in the hypervisor’s memory space, direct it back to the by the Intel® Xeon® processor E5 See Performance Gains During guest’s memory space, and then take family and the Intel Xeon Host Migration processor E7 family.1 Together control of the hypervisor. During a typical live migration from with XenServer, Intel TXT helps SMAP is a CPU-based mechanism that one host to another, the hypervisor protect the underlying platform helps prevent unintended supervisor- copies all of the memory content from from threats from BIOS, hypervisor, mode access to data in the user space the guest to the host. and other firmware attacks, in by blocking access in all areas except Because the virtual machine is still addition to -based at- explicitly whitelisted sections. This being used during migration, it can tacks, such as root-kit installations. minimizes the ability of malware to continue writing pages to memory. divert operating-system access to With Intel TXT and XenServer, Any pages written to memory during malware-controlled user data (for your enterprise can create migration are set as read-only. When example, so-called NULL page attacks trusted compute pools—groups the guest then tries to write a page to on Linux*, when the app maps data at of hosts with verified security the memory, a write fault occurs. Each 0x0 and tricks the OS into using it). If integrity—that have sophisticated write fault is logged, impacts runtime, a specific function requires supervisor security, auditing, and reporting and creates additional load on the mode access to data in the user space, policies applied using third-party host. The more intensively the guest is SMAP is automatically—but only orchestration and reporting tools. utilized during migration, the greater temporarily—disabled to allow the the impact. Supervisor Mode Access function to run. Prevention (SMAP) works alongside Intel TXT to provide an added layer of security with hardware checking Spervisor ode ccess Prevention against malware attacks aimed at letting the guest take control of hypervisor memory.

Figure 1. SMAP prevents the hypervisor from accessing the guests’ memory space other than when needed for a specific function New Capabilities with Citrix XenServer® and the Intel® Xeon® Processor E5 Family 3

Server CP sae At-a-Glance: Citrix XenServer® Used by many of the world’s larg- Without Page est public-cloud service providers, Modification Logging XenServer is a bare-metal server- virtualization platform built on the With Page Available Modification Logging CPU Cycles open-source Citrix Xen® hypervisor. It can help your enterprise handle the most demanding workloads, uest page written to memory Write fault error and it is designed to scale with your business needs. Figure 2. With PML, CPU cycles previously used to track guest memory-page writes during live migration are available for guest use instead Citrix XenServer takes advantage of Intel® Virtualization Technology (Intel® VT), which further enhances PML is a new capability on the Intel can run faster during migrations than the hypervisor’s performance on Xeon processor E5 v4 family that Citrix on a system with only HDDs. High- servers powered by Intel® Xeon® XenServer 7.0 takes advantage of to throughput Intel SSDs for PCIe bring processors. Capabilities such as help reduce runtime overhead created data directly to Intel Xeon processors Supervisor Mode Access Preven- with the typical live-migration process. in near real time. The number of input/ tion SMAP) and Page Modification PML logs pages in hardware, rather than output (I/O) operations per second Logging (PML), available with Citrix in software through the hypervisor, (IOPS) can increase dramatically. The XenServer 7.0 and the Intel Xeon as is done without PML. XenServer benefit is more performance per server, processor E5 v4 family, make easily determines whether a virtual in addition to significantly reducing Citrix XenServer the clear choice machine has written to any pages latency during PML and other I/O for your enterprise. during migration and, if needed, it operations in a virtualized environment. flags those pages. No write faults are created or logged, which reduces Access More Advantages with the runtime overhead. Intel Xeon Processor E5 v4 Family pricing model, and optimizations for CPU cycles that would have been and Citrix XenServer 7.0 virtual desktops and . In addition to being one of the first used for tracking memory pages are The Intel Xeon processor E5 v4 family server-virtualization platforms to now available for use by the guest enables SMAP and PML. These and support the SMAP and PML capabilities instead. Virtual machines become more other new technologies help optimize in the Intel Xeon processor E5 v4 family, responsive, and the load on the host performance based on workload XenServer 7.0 offers an updated DOM0 is reduced. Flagged pages are simply demands, enhance cryptographic (Domain 0), improved storage, and recopied to the destination host during speed, and more. New orchestration multiple operational improvements. the next live-migration stage—this is and automation capabilities help better done transparently to the administrator manage shared-platform resources New SMAP and PML capabilities and users and without increasing the across compute, networking, and add to the already strong XenServer time to complete the live migration. storage. The Intel Xeon processor E5 virtualization platform and the Intel v4 family also features a higher core XenServer 7.0 is one of the first Xeon processor E5 family to let you count than previous-generation Intel server-virtualization platforms to let further enhance security and maintain Xeon processors, in addition to higher enterprises take advantage of the PML availability and maximum performance memory bandwidth, secure space for capabilities built in to the Intel Xeon for critical LOB workloads in your cryptographic keys, and enhanced processor E5 v4 family. enterprise. Bring these new capabilities, memory monitoring. along with other new technologies, to your virtualized environment with Citrix Intel® Solid-State Drives (SSDs) Deliver XenServer 7.0 offers a rich set XenServer 7.0 running on the Intel Xeon Even Greater Performance Gains of management and automation processor E5 v4 family. If your data center uses the Intel® SSD capabilities, a simple and affordable Data Center Family for PCIe*, PML Learn More

Citrix and Intel: “Page Modification Logging for Virtual Machine Monitor” white paper: citrix.com/global-partners/intel/overview.html intel.com/content/dam/www/public/us/en/documents/ Intel Xeon processor E5 family: white-papers/page-modification-logging-vmm-white- intel.com/content/www/us/en/processors/xeon/xeon- paper.pdf processor-e5-family.html Intel SSD data center family: Citrix XenServer: intel.com/content/www/us/en/solid-state-drives/ citrix.com/products/xenserver/ intel-ssd-dc-family-for-nvme.html

1 Intel® TXT support for Citrix XenServer® requires the Measured Boot Supplemental Pack. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at intel.com. Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade. Intel, the Intel logo, Intel Inside, the Intel Inside logo, and Xeon are trademarks of Intel Corporation in the U.S. and other countries. Citrix, the Citrix logo, Xen, and XenServer are trademarks of , Inc. and/or one of its subsidiaries, and may be registered in the U.S. and other countries. Copyright © 2016 Intel Corporation. All rights reserved. *Other names and brands may be claimed as the property of others. Printed in USA 0416/TA/PRW/PDF Please recycle 334128-001US