ALTELL Trust: A full feature security suite
OverviewThe purpose of ALTELL TRUST is to provide system and data security in multi-user computing environments. ALTELL TRUST enables enhanced security through:
System Architecture and Components
ALTELL TRUST has a modular structure. Individual components of the system are designed to protect specific functionalities of a distributed computer network.
ALTELL Secure BIOS is an advanced firmware product. It ensures integrity of hardware and critical software components before the OS boot.
Chain of trust in a computing system begins at the firmware of each individual device connected to it. Protecting integrity of firmware is of paramount importance. ALTELL Secure BIOS implements mechanisms of protection of against backdoor hardware attacks such as Rakshasa. It relies on a multistage pre OS boot authorization protocols and role based access control of the users. Integrity of critical elements of hardware and software is first verified before the OS boot and is continuously monitored after that. ALTELL Secure BIOS has been designed according to TCG, NIST BIOS Protection Guidelines and NIST BIOS Protection Guidelines for Servers.
ALTELL seOS VT is a trusted virtualization environment designed to enable enhanced control of the system integrity, users, processes and applications at run time.
ALTELL Virtualization Technology - ALTELL seOS VT relies on isolation of users and processes to improve security through containerization. ALTELL seOS VT is transparent to users and can be implemented independently or together with ALTELL Secure BIOS for an additional security layer Virtualization approach to server and storage resources control and management eliminates many common threats and vulnerabilities such as viruses, trojans, DDOS attacks, etc.
ALTELL Management Module is a full function management suite for deployment, maintenance and operation of the ALTELL TRUST suite.
ALTELL Management Module is based on combination of ALTELL Secure BIOS, Intel AMT technology and Microsoft System Center Configuration Manager. It is a centralized management and control system that is highly scalable and versatile. ALTELL Management Module is a tool for deployment and maintenance of ALTELL TRUST. By separating security, technical and administrative functions ALTELL Management Module enables an unparalleled level of trust, customization and operational flexibility. A unified management console provides means for centralized, control of firmware, software, monitoring and journaling of user activities. System analysis tools can be integrated by customer request .
How does it work?
At the time of power-on or a device reboot and prior to the OS boot security modules built in ALTELL Secure BIOS verify integrity of the hardware and the operating system. ALTELL TRUST protects the system from a pre-boot unauthorized access to the hardware administrative tools. The access is controlled by means of multi-factor authorization protocols that are based on use of hardware and/or software tokens (smart card, LDAP/AD or both). ALTELL Secure BIOS enables trusted boot by limiting the boot devices and data to a pre-determined, verified and controlled set.
After the system boot a secure virtualized compute environment ALTELL seOS VT can be loaded. The purpose of ALTELL seOS VT is to provide runtime security of the system. ALTELL seOS VT ensures verification and continuous monitoring of integrity of itself and the components of the operating system. ALTELL seOS VT contains tools for efficient isolation of processes and users as well as control and monitoring of user activities. As an option advanced encryption mechanisms can be implemented to protect data in transit and storage. ALTELL seOS VT can be implemented on servers, client and network devices.
ALTELL Management Module enables centralized in- and out-of-band management of system hardware and software. It simplifies installation, configuration and maintenance of ALTELL Secure BIOS and ALTELL seOS VT.