Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog

Can Intel vPro help combat Conficker worm?

Created: 30 Mar 2009 • Updated: 30 Mar 2009
Terry Cutler's picture
+3 3 Votes
Login to vote

Perhaps a better question is - How can the current Intel vPro Technology combined with existing management\security solutions help protect client systems?

This is not an attempt to scare or over-generalize the reality of security threats such as the Conficker worm.  The intent is directed to how a real-world situation can be addressed.  The suggestions below assume Intel vPro Technology is already configured within your environment - thus you are ready and able to use the out-of-band management technology in connection with existing "in-band" management tools.

 An overview of the Conficker worm is available online. The following are a few examples:

There are a mix of good\bad reports on preventing, detecting, removing, and basically addressing the worm.

The following are a few suggestions on how to combine Intel vPro Technology with client management and security solutions to help protect and remediate a worm infection situation.

Interested to know if you’ve employed such tactics and how these have assisted in combating the Conficker worm threat.

  • System Defense/Network Filtering to totally isolate a client - For systems that have been detected as infected on the network
  • Out-of-band discovery of systems needing a patch – In searching databases\logs for clients that have not received the latest security updates, the ability to locate those system on the network even when powered-off
  • Wake-up, patch and/or scan systems – using a job to reliably power-on via Intel vPro technology, distribute necessary security patches to the client, run security scans, and then power-off the client.
  • Isolate and patch – For systems that have not been patched\scanned, yet to provide a security precaution before allowing them on the network. This will require a customized system defense or network filter to allow certain “in-band” actions on the targeted client. (i.e. patch, scan, etc).

If not already familiar with how to combine out-of-band and in-band management techniques as mentioned above, example demonstrations for an Altiris CMS version 6 environment are available at, with the same material (including lab documents) also posted at

The opinions expressed on this site are mine alone and do not necessarily reflect the opinions or strategies of Intel Corporation or its worldwide subsidiaries.