AMI TruE® Featured as an Edge Compute Platform Security Solution in the Intel® Smart Edge Ecosystem

by | Dec 28, 2021 | Tech Blog

System and platform providers have long understood that to drive and accelerate the adoption of their products it is also essential to provide a well-developed ecosystem of applications and development tools for their enterprise, cloud and data center customers. Doing so enables end users to optimize and fine-tune the performance of their systems for specific applications without reinventing the wheel and spending valuable time and resources on application testing and development.

As a leading provider of open-source and enterprise foundational technologies, AMI has always been committed to participation in a broad range of these programs, recognizing the multitude of benefits they offer in helping to drive innovation forward. In this spirit, we are pleased to share that our AMI TruE® Trusted Environment Security Solution is now featured as an Edge Compute Platform Security Solution within the Intel® Smart Edge Ecosystem.

AMI is proud to be featured together with Advantech®, Dell EMC®, Lenovo®, Red Hat®, Supermicro® and many other industry leaders who are driving innovation at the edge of the network with commercialized solutions optimized with Intel Smart Edge. AMI has optimized AMI TruE for Intel® architecture-based hardware according to the guidelines of the Intel Smart Edge program, to ensure that data center and edge systems remain secure and protected throughout the product lifecycle.

About the Intel Smart Edge Program

The Intel Smart Edge Program (previously known as OpenNESS) is a leading example of a successful and quickly-growing ecosystem initiative for enabling end-user success. This program represents a comprehensive portfolio of edge computing software that is highly optimized for Intel-based hardware platforms, making it easy for enterprises to onboard and manage applications and network functions across on-premise and the network edge.

The Intel Smart Edge portfolio of solutions supports workload convergence at the edge for networking and IoT workloads by enabling adopters with highly optimized platforms for service acceleration at the edge. It delivers the advanced capabilities required at the edge for AI, media, security, networking and similar industries and consists of two main offerings, both with advanced capabilities and optimizations for easy adoption into edge products and platforms. Intel Smart Edge, which includes AMI TruE, is a comprehensive selection of turn-key commercial software delivered with differentiated features and services directly from Intel, while Intel® Smart Edge Open is a royalty-free edge software toolkit available for developers and infrastructure builders.

AMI TruE: A Powerful Solution for Confidential Computing, Platform Attestation and Trusted Cloud Execution

As edge and data center platforms continue to add firmware for individual components, firmware vulnerability has also grown as an area of concern – driving interest in its security and integrity to new heights. Because innovation in firmware security demands a deep understanding of firmware and its development, AMI is perfectly positioned to enhance firmware security for the industry and deliver trust at the platform level. And as a longstanding partner of Intel, AMI and Intel continue to closely collaborate in the delivery of leading-edge firmware and security technologies – making AMI TruE a perfect fit for the Intel Smart Edge program.

AMI TruE is a holistic data center and edge security solution that delivers foundational security, leveraging security technologies from Intel including Intel® Security Libraries for Data Centers (Intel® SecL-DC) and Intel® Software Guard Extensions (Intel® SGX). It is scalable, extensible and built for cloud-to-edge applications, tracking the trusted compute status of servers and edge platforms and providing remediation measures for untrusted platforms.

Leveraging Intel SGX, AMI TruE enables confidential computing, eases deployment of workload attestation, provides reliable workload launch time protection, secures encrypted application keys and more. It delivers reliable remediation with in-band provisioning for untrusted platforms through Redfish®-based provisioning features and out-of-band management with DMTF Redfish® standards for resource discovery and management, continuous monitoring and remediation actions.

AMI TruE for Intel Smart Edge Deployment Model

AMI TruE supports a scalable and distributed deployment model, where the Intel® Smart Edge Open Controller Node hosts the control plane components and the platform security service is hosted on the worker node. The platform security agent runs on each edge node managed by AMI TruE.

A key use case supported by AMI TruE for Intel Smart Edge hardware is launch time protection. Because the security status of edge infrastructure hardware, firmware and software is not typically tracked by infrastructure providers, edge infrastructure administrators are often less aware of whether the hosts on which they are launching their workloads are verified, compromised, or susceptible to outside attacks. To address this shortcoming, cloud orchestrators like Kubernetes® can label server nodes with key value attributes.

In this way, AMI TruE remote attestation services can publish trust and informational attributes to the orchestrator for use in workload launching decisions – such as only launching sensitive workloads on trusted edge servers. Now, administrators can utilize AMI TruE edge infrastructure to schedule their application workloads with orchestrator policies, to ensure they land on trusted hardware. And with custom asset tag labeling, administrators can launch every workload on the host that is categorized to meet the specific requirements of each.

Get Started with the Intel Smart Edge Ecosystem Today

To get started with Intel Smart Edge commercial and open-source solutions, please visit https://networkbuilders.intel.com/intel-technologies/intel-smart-edge.

To access AMI TruE in the Intel® Smart Builder Commercial Solutions library, please visit

https://networkbuilders.intel.com/commercial-applications/ami-true-platform-attestation

And for more information on the AMI TruE Platform Security Solution, visit ami.com/run-secure or contact AMI via ami.com/contact to connect with an AMI Security Solutions Expert.

Redfish® is a registered trademark of DMTF in the US and other countries. KUBERNETES® is a registered trademark of the Linux Foundation in the US and other countries. Advantech® is a registered trademark of ADVANTECH CO., LTD. limited company (ltd.) TAIWAN in the US and other countries. Dell EMC® is a registered trademark of Dell Inc. in the US and other countries. Lenovo® is a registered trademark of Lenovo (Beijing) Limited CORPORATION CHINA in the US and other countries. Red Hat® is a registered trademark of Red Hat, Inc. in the US and other countries. Supermicro® is a registered trademark of Super Micro Computer, Inc. in the US and other countries.

You May Also Like…