Performance Index

ID Date Classification
615781 12/05/2024 Public
Document Table of Contents

Intel vPro®

All versions of the Intel vPro® platform require an eligible Intel® Core™ processor, a supported operating system, Intel LAN and/or WLAN silicon, firmware enhancements, and other hardware and software necessary to deliver the manageability use cases, security features, system performance and stability that define the platform. Additional details at www.Intel.com/vPro.

The chart below does not reflect all features and capabilities available on Intel-based devices. Check the relevant manufacturer or retailer website to determine individual system features and capabilities.

Intel vPro® powered by 13th Gen Intel® Core™ processors

Proposed Claim Full Disclaimer
Reducing the attack surface significantly vs. 4 year old devices The latest Intel vPro® platform has an approximately 70% smaller attack surface compared to four-year-old devices, as measured by IOActive report published March 2023 analyzing respective attack surfaces of Intel vPro devices powered by 13th Gen Intel Core processors and four-year-old Intel-based PCs on Windows OS. Attack surface refers to the sum of system functionality potentially susceptible to vulnerabilities, pathways or methods-sometimes called attack vectors-that hackers can use to gain unauthorized access to the network or sensitive data, or to carry out a cyberattack. To measure the security improvements from the hardware features, IOActive utilized a metric called Potentially Addressable Mitigation Surface (PAMS). PAMS measures the reduction of the attack surface by the hardware mitigations based on their full deployment and theoretical effectiveness. Research was completed using publicly available documentation. The estimated attack surface of the latest Intel vPro platforms powered by 13th Gen Intel Core processors is approximately 70% smaller than vs four-year-old Intel vPro platforms. Visit www.intel.com/vPro to learn more. No product or component can be absolutely secure.
Intel vPro is the best business computing platform available today As of March 2023; by validating business PCs against a rigorous specification defined for each product version, Intel vPro delivers tangible advantages for any business user. Intel develops Intel vPro by combining four key pillars that are critical to business success (performance, security, manageability, and stability) through product design, broad open ecosystem enablement (OEMs, ODMs, OSs, ISVs, etc.), performance optimizations, and validation against strict product specifications unlike any other commercial client platform. Unique features in each version of Intel vPro are tailored to address the needs of corresponding business segments such as large enterprise, medium business, small business (managed and unmanaged), education, and public sector - all regardless of size, maturity, or trajectory. Please see the feature chart on the Intel vPro performance index page for additional details on certain specific features available on the different Intel vPro platforms. All versions of the Intel vPro® platform require an eligible Intel processor, a supported operating system, Intel LAN and/or WLAN silicon, firmware enhancements, and other hardware and software necessary to deliver the system performance, security features, manageability use cases, and lifecycle stability that define the platform. Visit www.intel.com/vPro to learn more about these capabilities.
Intel TDT provides up to 7X boost in scanning performance Crowdstrike found Intel® Threat Detection Technology can boost scanning up to 7x, resulting in faster detection of fileless attacks that are the #1 attack entry method. Accelerated Memory Scanning, a capability of Intel® Threat Detection, is now available in Crowdstrike Falcon. The memory scanning engine integrates Intel Threat Detection Technology accelerated memory scanning (AMS) into the Falcon sensor. Intel TDT AMS optimizes performance on Intel CPUs and offloads computation to the Intel integrated graphics processing unit (iGPU) when present. Recent Crowdstrike testing found a 3-7x acceleration in offload memory scanning to the iGPU via Intel TDT API over CPU scanning methods according to this Crowdstrike blog . Intel does not control or audit third-party data. You should consult other sources to evaluate accuracy.
Intel vPro® has the most comprehensive security for your business. As of March 2023, based on the unrivaled combination of above and below the OS security capabilities, app and data protections, and advanced threat protections Intel vPro delivers for any sized business, as well as Intel's security first approach to product design, manufacture, and support. All business PCs built on the Intel vPro platform have been validated against rigorous specifications, including unique hardware-based security features. Intel brings multiple vectors of security to the Intel vPro® security value proposition with unique offerings tailored for your business, well beyond features only and unlike any other commercial client platform. This includes Intel's security assurance programs : security by design principles, transparency and disclosure of vulnerabilities and a robust Intel Platform Update process, an esteemed bug bounty program as well as internal research through red teams and more. Read more on the results of this program for 2022 here . Beyond this, Intel evolves security capabilities on each platform and brings new innovation and updates to existing features. Learn more at www.intel.com/security . Intel has the first and only hardware-based threat detection of its kind that works to augment security software for high efficacy detection of the latest ransomware, cryptojacking, supply chain style attacks and even zero-day attacks. Intel works with the largest eco-system to enable silicon security features as part of a defense-in-depth strategy. This includes additional scale partners for Intel® TDT capabilities and out-of-the-box feature enablement for OS updates. Furthermore, Intel and Coalfire experts have completed an analysis of hardware security capabilities available on vPro systems against industry security controls (NIST, MITRE, TCG) with 43 built-in MITRE ATT&CK countermeasures. The Intel vPro security promise brings together a comprehensive set of security programs, processes, partners and out-of-the-box enablement as well as new capabilities - all through the broadest, open ecosystem to give any business the breadth of choice and compatibility it needs. Visit www.intel.com/vPro to learn more about these capabilities. No product or component can be absolutely secure.
Intel-based PCs have a 26% lower risk of major PC-related security events according to a recent IDC report. Based on IDC's "The Business Value of Intel Security for PCs" report published March 2023 (commissioned by Intel), which cites a lower reported risk of significant financial impact events occurring through an Intel-based Windows PC (Intel PCs) compared with other Windows PCs (other PCs). To understand differences in terms of security capabilities, security risk, staff time requirements, and business and operational impact, IDC surveyed several large organizations across multiple industries based in the United States, Australia, and the United Kingdom that deploy Intel PCs and those that also have experience deploying other PCs. IDC's analysis shows that Intel PCs offer built-in security functionality that enables organizations to maintain more robust and efficient PC security environments by proactively preventing attacks that can cause significant financial impact events, which were reported to have an average potential cost per instance of $11.43 million for potential lost revenue, remediation costs, and regulatory fines . Study results estimated based on reported information. Visit www.intel.com/security to learn more. No product or component can be absolutely secure.
Intel-based PCs have 21% fewer impactful security events, according to a recent IDC report. Based on IDC's "The Business Value of Intel Security for PCs" report published March 2023 (commissioned by Intel), which cites a lower reported risk of significant financial impact events occurring through an Intel-based Windows PC (Intel PCs) compared with other Windows PCs (other PCs). To understand differences in terms of security capabilities, security risk, staff time requirements, and business and operational impact, IDC surveyed several large organizations across multiple industries based in the United States, Australia, and the United Kingdom that deploy Intel PCs and those that also have experience deploying other PCs. IDC's analysis shows that Intel PCs offer built-in security functionality that enables organizations to maintain more robust and efficient PC security environments by proactively preventing attacks that can cause significant financial impact events, which were reported to have an average potential cost per instance of $11.43 million for potential lost revenue, remediation costs, and regulatory fines . Study results estimated based on reported information. Visit www.intel.com/security to learn more. No product or component can be absolutely secure.
Intel-based PCs have 17% security team efficiencies, according to a recent IDC report. Based on IDC's "The Business Value of Intel Security for PCs" report published March 2023 (commissioned by Intel), which cites a lower reported risk of significant financial impact events occurring through an Intel-based Windows PC (Intel PCs) compared with other Windows PCs (other PCs). To understand differences in terms of security capabilities, security risk, staff time requirements, and business and operational impact, IDC surveyed several large organizations across multiple industries based in the United States, Australia, and the United Kingdom that deploy Intel PCs and those that also have experience deploying other PCs. IDC's analysis shows that Intel PCs offer built-in security functionality that enables organizations to maintain more robust and efficient PC security environments by proactively preventing attacks that can cause significant financial impact events, which were reported to have an average potential cost per instance of $11.43 million for potential lost revenue, remediation costs, and regulatory fines . Study results estimated based on reported information. Visit www.intel.com/security to learn more. No product or component can be absolutely secure.
Intel-based PCs can provide a 14% lower 5-year cost of operations per PC, according to a recent IDC report. Based on IDC's "The Business Value of Intel Security for PCs" report published March 2023 (commissioned by Intel), which cites a lower reported risk of significant financial impact events occurring through an Intel-based Windows PC (Intel PCs) compared with other Windows PCs (other PCs). To understand differences in terms of security capabilities, security risk, staff time requirements, and business and operational impact, IDC surveyed several large organizations across multiple industries based in the United States, Australia, and the United Kingdom that deploy Intel PCs and those that also have experience deploying other PCs. IDC's analysis shows that Intel PCs offer built-in security functionality that enables organizations to maintain more robust and efficient PC security environments by proactively preventing attacks that can cause significant financial impact events, which were reported to have an average potential cost per instance of $11.43 million for potential lost revenue, remediation costs, and regulatory fines . Study results estimated based on reported information. Visit www.intel.com/security to learn more. No product or component can be absolutely secure.
Intel-based PCs can provide a 22% lower cost of lost productivity, PC security and performance issues, according to a recent IDC report. Based on IDC's "The Business Value of Intel Security for PCs" report published March 2023 (commissioned by Intel), which cites a lower reported risk of significant financial impact events occurring through an Intel-based Windows PC (Intel PCs) compared with other Windows PCs (other PCs). To understand differences in terms of security capabilities, security risk, staff time requirements, and business and operational impact, IDC surveyed several large organizations across multiple industries based in the United States, Australia, and the United Kingdom that deploy Intel PCs and those that also have experience deploying other PCs. IDC's analysis shows that Intel PCs offer built-in security functionality that enables organizations to maintain more robust and efficient PC security environments by proactively preventing attacks that can cause significant financial impact events, which were reported to have an average potential cost per instance of $11.43 million for potential lost revenue, remediation costs, and regulatory fines . Study results estimated based on reported information. Visit www.intel.com/security to learn more. No product or component can be absolutely secure.
Intel based PCs can provide a 15% lower time to deliver new PCs, according to a recent IDC report. Based on IDC's "The Business Value of Intel Security for PCs" report published March 2023 (commissioned by Intel), which cites a lower reported risk of significant financial impact events occurring through an Intel-based Windows PC (Intel PCs) compared with other Windows PCs (other PCs). To understand differences in terms of security capabilities, security risk, staff time requirements, and business and operational impact, IDC surveyed several large organizations across multiple industries based in the United States, Australia, and the United Kingdom that deploy Intel PCs and those that also have experience deploying other PCs. IDC's analysis shows that Intel PCs offer built-in security functionality that enables organizations to maintain more robust and efficient PC security environments by proactively preventing attacks that can cause significant financial impact events, which were reported to have an average potential cost per instance of $11.43 million for potential lost revenue, remediation costs, and regulatory fines . Study results estimated based on reported information. Visit www.intel.com/security to learn more. No product or component can be absolutely secure.
In recent testing, Intel® Threat Detection Technology detected 93% of top ransomware attacks while competitor systems found none. Based on SE Labs - Enterprise Advanced Security (Ransomware) - Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. SE Labs tested Intel's hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.
Intel® Threat Detection Technology helps uncover never before seen zero-day attacks. Based on SE Labs - Enterprise Advanced Security (Ransomware) - Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which evaluated ransomware detection capabilities of an Intel vPro system powered by Intel Core processor. SE Labs tested Intel's hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7. Study results based on analysis of system response to simulated novel cyberattacks. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure.
Intel® Threat Detection Technology has been shown to increase overall EDR ransomware protection efficacy by 24% over software alone. Based on SE Labs - Enterprise Advanced Security (Ransomware) - Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. EDR refers to endpoint detection and response vendor. SE Labs tested Intel's hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.
Intel® Threat Detection Technology has been shown to augment AV/EDR SW to catch 91% of ransomware attacks. Based on SE Labs - Enterprise Advanced Security (Ransomware) - Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. AV refers to anti-virus and EDR refers to endpoint detection and response vendor. SE Labs tested Intel's hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.
Intel® Threat Detection is the only AI-based silicon security in deployment across a billion PCs. As of March 2023, Intel TDT provides the only silicon-enabled AI threat detection to help stop ransomware and cryptojacking attacks for Windows-based systems. Learn more at www.intel.com/tdt . No product or component can be absolutely secure.
Intel® Threat Detection Technology and Intel vPro® are recognized as the most innovative new security technology by SE Labs. Intel Threat Detection technology was awarded "Most Innovative New Security Technology" by SE Labs as seen in their 2023 Annual Report: https://selabs.uk/reports/annual-report-2023/ . SE labs notes in their annual report for Top Innovator Awarded to Intel that, "Attackers are constantly finding new ways to attack, so security vendors need to keep inventing ways to detect and prevent them from gaining ground. It's not enough to tag marketing phrases such as 'machine learning' onto a product to win our Innovator award. The products need to work extremely well and provide vast added value to the items in your security toolbox."
The unique Anomalous Behavior Detector from Intel® Threat Detection Technology is the first hardware-based capability to help detect software supply chain attacks on PCs. Intel has the first and only hardware-based threat detection of its kind that works to augment security software for high efficacy detection of the latest ransomware, cryptojacking, supply chain style attacks and even zero-day attacks in Windows-based systems. Intel TDT Anomalous Behavior Detection (ABD) is a hardware-based control flow monitoring and anomaly detection solution able to monitor business apps for early indicators of compromise, leveraging the Intel CPU to build dynamic AI models of "good" application behavior. See www.intel.com/tdt for additional details. No product or component can be absolutely secure.
Intel® Threat Detection Technology can detect the latest threats at the highest efficacy. Based on SE Labs - Enterprise Advanced Security (Ransomware) - Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. SE Labs tested Intel's hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.
Intel vPro® is the only business platform with built-in hardware security to detect ransomware and software supply chain attacks. As of March 2023, Intel has the first and only hardware-based threat detection of its kind that works to augment security software for high efficacy detection of the latest ransomware, cryptojacking, supply chain style attacks and even zero-day attacks in Windows-based systems . Based on SE Labs - Enterprise Advanced Security (Ransomware) - Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. SE Labs tested Intel's hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.
Intel® vPro powered by 13th Gen Intel Core processors is the only platform with 43 built-in MITRE ATTACK countermeasures. Intel evolves security capabilities on each platform and brings new innovation and updates to existing features. Intel has the first and only hardware-based threat detection of its kind that works to augment security software for high efficacy detection of the latest ransomware, cryptojacking, supply chain style attacks and even zero-day attacks. Additionally, Intel works with the largest eco-system to enable silicon security features as part of a defense-in-depth strategy. Furthermore, Intel and Coalfire experts have completed an analysis of hardware security capabilities available on vPro systems against industry security controls (NIST, MITRE, TCG) with 43 built-in MITRE ATT&CK countermeasures. The Intel vPro security promise brings together a comprehensive set of security programs, processes, partners and out-of-the-box enablement as well as new capabilities - all through the broadest, open ecosystem to give any business the breadth of choice and compatibility it needs. Visit www.intel.com/vPro to learn more about these capabilities. No product or component can be absolutely secure.
Intel vPro® Essentials for Windows Intel vPro® Enterprise for ChromeOS Intel vPro® Enterprise for Windows Intel Features Feature Description "In Short"
Performance
Not supported Not supported Eligible 13th Gen Intel® Core™ processors CPU Eligible Intel® Core™ i5, i7, and i9 series processors with performance hybrid architecture Essential Business-Class Performance
Not supported Eligible 13th Gen Intel® Core™ processors CPU Eligible high-end Intel® Core™ i5, i7, and i9 series processors with performance hybrid architecture Top Bin Professional-Grade Performance
Intel® Wi-Fi 6E Wireless LAN that supports dual-stream in 2.4GHz, 5GHz, and 6GHz bands, with TCP throughput exceeding 2Gbps Intel's latest and greatest Wi-Fi technology for improved speed, latency, and reliability

(Select Designs)

Thunderbolt™ 4 Cable connection interface with high bandwidth and speeds up to 40Gbps, power throughput for device quick-charging, and docking capabilities A single port for fast charging, fast data transfer, and connections to peripherals/docks
Not supported Intel® Connectivity Performance Suite Continuously rates available Wi-Fi access and switches to best possible connection, while prioritizing data packets based on user preferences Software that intelligently and automatically improves Wi-Fi connectivity and performance
Security
Intel® VT-x, Intel® VT-d, Intel® APIC-v, MBEC Enables a variety of OS security services including Virtualization-Based Security on Windows systems Out-of-the-box security for modern virtualized workloads
Intel® Control Flow Enforcement Technology Hardware-enhanced protection against memory safety attacks common to connected apps such as browsers, meeting tools, etc. Helps protect apps that connect and interact with the network, which is often where malicious code gets injected
Security features provided by Google Intel® Threat Detection Technology Provides a hardware assist for security applications such as anti-virus software, including offloading some functions to graphics co-processor Hardware boost to security software (ISV)
Intel® Platform Trust Technology Integrated Trusted Platform Module within Intel SOCs, supporting TPM 2.0 and Intel® TXT Out-of-the-box security providing root of trust features and capabilities
Intel® Hardware Shield A suite of security technologies that help provide full stack protection A set of security features that expand protections to the hardware level
Not supported Intel® Total Memory Encryption - Multi-Key (Intel® TME-MK) Intel TME: Encrypts DRAM to help protect against a physical cold boot attack; Multi-key can encrypt sections of DRAM as directed by OS Hardware-based security against physical attacks
Not supported Not supported Intel® Key Locker Protects keys used by AES-NI encryption Protected storage for encryption keys, a key step in bolstering overall security
Manageability
Not supported Manageability features provided by Google Intel® Active Management Technology Remote out-of-band management for efficient proactive and reactive system maintenance over Ethernet or Wi-Fi connections Full suite of remote manageability features for enterprise, including Hardware KVM

(subset of Intel® AMT)

Intel® Standard Manageability A subset of Intel® AMT with out-of-band management over Ethernet and Wi-Fi, but no KVM or new life cycle management features. Built-in management features for remote out-of-band access, without Hardware KVM

(Select Designs)

(Select Designs)

Intel® Local Platform Erase User-initiated tool for repurposing computer systems by erasing the disk, clearing TPM, resetting the Intel® CSME and resetting UEFI/BIOS. A secure method to erase user and company data on a device via single command, initiated by the user locally

(Select Designs)

(Select Designs)

Intel® Platform Service record Keeps a tamper-resistant record and device history, providing telemetry data and authenticity for various components Tracks the health of a PC throughout its lifecycle to inform about device reliability and the need for upgrading, repurposing, or retirement.
Not supported

(Select Designs)

Intel® One Click Recovery Fast remote recovery of disabled Intel® AMT-activated computing endpoint, returning PC to last-know good OS image state Tool that quickly fixes catastrophic system failures to get PCs up and running faster
Not supported

(Select Designs)

Intel® Remote Platform Erase Intel® AMT feature for repurposing computer systems by erasing the disk, clearing TPM, resetting the Intel® CSME and resetting UEFI/BIOS. A secure method to erase user and company data on a device via single command, executed remotely by IT
13th Gen Stability
Not supported Intel® Stable IT Platform Program Platform validation that aims for zero hardware changes for 15 months from first availability or until the next generational release PC lifecycle stability and predictability
Not supported Firmware Update Resilience Supports automatic restart of a failed firmware update and automatic recovery to a last known good firmware image if newly-installed firmware causes an issue Stable manner to push firmware updates