How will Intel buying McAfee affect the desktop virtualization industry?

By now you'd heard that Intel plans to buy McAfee (press release), which will become a wholly-owned subsidiary rolling into Intel's software group. There are plenty of other more qualified folks who've been blogging about the deal in general, but I'm curious about what this specifically means (if anything?

By now you'd heard that Intel plans to buy McAfee (press release), which will become a wholly-owned subsidiary rolling into Intel's software group. There are plenty of other more qualified folks who've been blogging about the deal in general, but I'm curious about what this specifically means (if anything?) for the desktop virtualization space? I mean sure, security is important for desktop blah blah. But specifically what will Intel do with McAfee in our space?

I guess first we should do a quick review and look at the specific things that Intel and McAfee are already doing on their own in the desktop virtualization space.

Intel's current desktop virtualization offerings

  • Well, they make most of our chips.
  • They have vPro, which in a lot of ways offers the same management benefits as client hypervisors
  • They're working with Citrix on XenClient (Citrix's client hypervisor), which will incidentally require vPro-enabled client devices

McAfee's current desktop virtualization offerings

  • This past May, they announced that they would build a special architecture for running antivirus software in VDI and multiple VM environments. (overview|video)

Revenue growth and service VMs?

Several members already shared their views on this acquisition in another article. Here are some snippets to get the conversation started:

From Edgeseeker: This acquisition is the most exciting one that I've seen in years, but it also stands an equal chance of being the dullest.

If Intel is merely acquiring McAfee for the sake of getting a bigger piece of the "corporate spending" pie, then this acquisition wouldn't be game-changing in my opinion. Intel is loathed by Wall Street because the growth story has been inexistent for quite some time. This acquisition could simply be a move to dispel this stigma. This could be a big Cloud Computing play.

On the other hand, if this acquisition is motivated by a higher vision, you should then expect a whole new generation of chipsets to emerge, with security and application awarness at the very core. This could also be a very big Cloud Computing play.

Of course, I would expect all platforms to be able to leverage these anticipated chipset functionalities, i.e.,  Windows, Linux, hypervisors, containers, etc. I'm confident such expanded chipsets would deliver the new capabilities to the upper layer as transparently as today's BIOS/firmware.

This is all speculation, though. I still think this acquisition is motivated by the need to satiate the lack-of-growth story. (At least, short term).

From Icelus: I think Citrix gave Intel an innovative push recently when approaching them with the Project Independence partnership (aka XenClient). I believe that may have triggered them to say, "we need to do more to deliver security to desktops than just provide hardware." I am willing to bet service VMs are on the horizon. (A few users on twitter also mentioned that this was probably about security service VMs.)

From AppDetective: Service VMs is what I think what will set XenClient apart from Virtual Computer, etc. The McAfees of the world are far more likely to build for XenClient or other large vendors—not a small vendor.

What else?

Back in April, I wrote that if you weren't careful, implementing desktop virtualization could actually make the overall security of your environment worse. Obviously McAfee played (and will continue to play under Intel) a role in that. But other than that, I'm drawing blanks... Anyone?

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

AV and security has always been seen as a bolt on - an extra

When I buy an iphone I may decide to add a protective case...

When I buy a car I may decide to continually wax it to protect the paint job...

When I buy a PC I may decide to add AV to protect me from malware...

The thing is though that in this era of high connectivity security needs to be built in from the ground up.

As more and more types of devices are hooked up to the cloud the importance of security continually increases. I don't want my web connected fridge to be hacked to purchase tinned spam from a spammer (see what i did there!) on my behalf.

Recent OS releases have been built from the ground up at least considering security (whether they are successful in this is another discussion) and that is definitely a step in the right direction - but windows security essentials is still an optional extra!

I really hope that this buyout will move the focus back to the hardware itself. Where this is relevant to our arena is that the hardware AV functionality could be leveraged at the hypervisor level. Imagine if the hypervisor could make decisions on whether or not to schedule a vCPU time slice request based on the recommendations of hardware based security services? In a virtualized world a hypervisor host's physical network connections are the gateway to everything. Why can't the hypervisor in conjunction with network hardware make security decisions on a packet by packet basis?

Let’s move the of field engagement further back - let’s keep the client OS a demilitarised zone rather than the battlefield itself.


As you probably realised the last line should read

Let’s move the field of engagement further back - let’s keep the client OS a demilitarised zone rather than the battlefield itself.


It's great that Intel is "allowing" the big M to continue functioning as a wholly owned subsidary. Quasi EMC/VMware.

Symantec never learned this key piece and had destroyed many brands. Imagine Symantec acquiring AMD (and ATI) and saying they are now Symantec.

Here are my thoughts:

1. Nothing will happen at first.

2. Intel acquired them for the growth potential and market.

3. In a few years, Intel will roll out great trusted computing solutions from the hardware level (Pre-OS)

4. Security is about all devices including mobile platforms. This is really about the Cloud-scape and not just virtualization.



This kind of thing always brings me back to thinking there might be a case for moving the hypervisor all the way down into the hardware. I wrote about it last year:

AppD mentioned Service VMs, and what better Service VM to create than a security-oriented one, running alongside or even underneath the OS.

With McAfee under Intel's umbrella, it just seems to me that the pieces are almost all there...spare actually burning a VMM on to a chip.


Who cares? Let the Infosec people worry about it...

My personal feeling is AV has been dead for years and it's a pointless waste of CPU cycles on your desktops and servers.  The virus that infects your PC will be zero-day and no one will have a signature for it anyway.  Policy beats software any day of the week.


I am with Gabe, if Intel is even thinking about virtualization then the really interesting potentially is to create off loaded AV solutions. For example, instead of running the AV processes locally they could be off loaded to hardware or virtual appliances. This could be pushed down to motherboard or add-in card layer to where AV processing is on a chip.

Also, don't forget that McAffee bought Secure Computing a while back and has one of the most robust firewall appliance technologies in the market. So they are a lot more than AV, can't wait to see what INTEL has in mind

PS- could also just be an investment on a purely finanical level, ie grow through aquisition and not even a plan to integrate


While the notion of Citrix sparking an innovation push at Intel sounds intriguing, I suspect the reality is much more mundane.

Intel probably acquired McAfee because:

1) the constant need to protect margins at the high-end of their product lines (vPro with iAMT) requires that Intel push an ever increasing set of capabilities into the platform.

2) The recent US DOJ settlement restricting the practice of preference payments to OEMs forces Intel to find additional revenue streams.

Project Independence (now XenClient) is all about #1 above from Intel's perspective.

I also suspect that this is not a game changing acquisition as far as the Desktop Virtualization space goes. Chances are pretty good that Intel may not even care that McAfee has a security solution for the Desktop Virtualization space.


On Intel McAfee synergies: Agree with Gabe and AppD; AV in a service VM would be my vote.

On connection to secure  virtual desktop:

Intel points to couple of drivers for its acquisition of McAfee. First, they point to the proliferation of devices and the need to secure them as a driver for its decision to acquire McAfee. This proliferation is primarily driven by the use of personal devices to access corporate data.  Second, with the increasing adoption of cloud-based services, how do you secure the access points? A lot of the talk about cloud security has been focused on securing data in the data center -- but how do you ensure that the browser that is accessing the secure cloud app is not being screen-scraped at the endpoint.  Again what better way to secure the access than a combined AV plus client virtual desktop solution which would give a secure access container from any endpoint personal or corporate.

MokaFive and AVG have announced a partnership to specifically address the issues mentioned above. The solution includes a secure virtual encrypted desktop container that can be deployed to the endpoint and further be secured from key-logging and screen-scraping attacks from the host machine by the AVG security scanning capability.  Press release at


An afternoon interview with an intel GM spells it out:



RingCube has some new things to announce and showcase with both Intel and McAfee at the upcoming events:

1) VMworld: Intel's booth #509 - vDesk on vPro will be the only desktop virtualization demo shown by Intel.

2) IDF (Intel Developer Forum): booth #666 - vDesk on vPro live demo. Hardware-assisted workspace virtualization. You'll learn more about how ING Group (#1 Fortune 500 bank) uses McAfee Encrypted USB drives with vDesk and with Win7 64-bit on Intel vPro

3) FOCUS 10 (McAfee Vegas): Kiran Kamity co-founder RingCube will be on an industry panel discussing secure virtual desktops with McAfee security with vDesk on vPro.

Security, Hardware-assistance, and Desktop Virtualization Optimized for mobile users.... guess what, no hypervisor required.

Look forward to seeing you at one of these events.



Very, very interesting. Could you please give us a slight hint at how vPro is being leveraged by vDesk? Would be nice if you could skim over it without divulging much detail ahead of vmWorld. Will certainly stop by the booth, though.



Another interesting article sheds some light on one of Intel's motives: the proliferation of mobile devices and the looming security threat.


Anti Virii is of those – can’t live with it, can’t live without it.  

I would like to agree with @Tony, for who among us haven’t had the debates on having anti virii/anti bad stuff on the executing platform, be it the traditional RDS or, perhaps even more, VDI.

However, as much I’d like to agree, I can, never could, for the sake of regulations and such. With some regret I have, in the end, taken the stance of having the antiX   on the executing platform.

For near future I’m with @Steve and, I guess, with @Gabe and @AppD. However, what intrigues me is what Intel might do with MacAfee in  the context of TPM and TXT. What are your thoughts?



Wish we could divulge some details on our work with Intel and to a lesser extent McAfee. However, the event schedule combined with the embargo agreements with media, analysts and partners prohibits us from doing so.

But RingCube is going to do its best to disclose as much as we possibly can at VMworld, IDF (Intel Developer Forum), McAfee FOCUS 10.  Of course, you'll start to see new information on the web. Intel has a joint whitepaper with RingCube about "hardware-assisted workspace virtualization" that Intel is posting to their website as well to cover the details of how we can take advantage of VT, AMT, AT, TPM, TXT, and various vPro features.

Hope to see you at one of the events. Should be fun. Cheers.



who remember how Intel failed in the past ?

- Shiva (1998) : RAS and dial up 1st VPN solution

- Lan Manager : desktop management

all the networking part...

not sure it will work.


@dougdooley While I certainly why I appreciate that it makes sense for a startup to get closer with Intel, can you help us all out. Along with the XC folks can you please please please explain to Intel, FU we are not going to pay a premium price for VPro, TXT (which has been hacked etc). Ask those f'ers to go and look at the amount of VPro jump they have sold vs. what people are using. VPro is going to fail until Intel make it a default including consumer laptops. If the RIngube strategy is at all to a appeal to consumers you have already failed. That is one thing I Virtual Computer has over everybody. If you think it will help you in the enterprise, it will only make marginal difference until those idiots at Intel make VPro free.


As Intel has explained it's mainly a move to gain marketshare into the mobile computing environment.

Putting client hypervisors aside, the common message that the vendors display is that the hypervisor is regarded as the foundation architecture to build highly scalable and secure VMs with minimal performance impact.

I am wondering if client hypervisors (XenClient, NxTop, etc.) will be utilized as the platform for these innovations.

In regards to the mobile market, maybe Open Kernal Lab's Microvisor with the Secure HyperCell Technology  will be the platform and given the progress of the "Nirvana" phone Intel might want to get in as the lead chip maker with security enabled chips traversing laptops, desktops, smartphones, ATMs, etc.

Has anyone taken a look at the OKL4's Microvisor architecture? It's pretty robust and can also isolate driver execution as well.

I think the goal is to develop or partner to create the most efficient platform based off of open source technologies which allows the most collaboration possible.

Intel, McAfee, Open Kernal Labs, and Citrix might prove to be quite an interesting combination in the future.

A little out there, but gets you thinking...


@appdetective - if I understand your comment correctly, you are expressing frustration with the lack of available vPro systems particularly in the consumer (non-Enterprise) market.

Without disclosing too much, what I can say is that Intel customer-facing teams like their BDMs (Enterprise sales) and ATS (Enterprise SEs) are pretty savvy about providing pragmatic IT solutions and not push something like vPro on their customers when it doesn't make sense.  Those Intel customer facing teams have told us that a big reason why they like RingCube vDesk is because on 32-bit systems we have ZERO restriction on hardware. We run on any x86 platform that runs XP, Vista, Win7. Customers can use Intel ATOM processors on netbooks or even AMD with vDesk and still have less than 1% performance overhead for their virtual desktop environment.  As long as the customer has a standard PC, then vDesk should just work. Believe it or not, the Intel folks said this is a must-have to get serious and introduce us into their accounts. Intel sales has tried to put forth client virtualization solutions that have "high bars" to make work (i.e. must have VT-x, vPro, etc.) Customers apparently don't want something that must have special hardware to run.

The new thing we're doing together is with a new release of Windows 7 x64, we are partnering up to deliver some additional hardware-assisted virtualization capabilities that we believe customers will want and appreciate.  The goal isn't to force them to vPro or even Intel only. Our product and roadmap reflect that fact. However, we do want to provide additional value around security and management that is enabled all the way down to the hardware layer.

Kiran Kamity, RingCube co-founder, will be demo'ng and explaining some of the highlights at Intel's booth #509 at VMworld.  Two weeks later, much more of the technical details will be disclosed at Moscone at IDF (Intel Developer Forum) booth #666 with a live demo on stage.  Then one month later, during the McAfee event in Vegas, we'll talk about specific customer implementations and production deployments from some of the leading security experts in the field.

Again, speaking from our direct experiences thus far, Intel is really trying to help customers solve problems in a pragmatic fashion and not just push any specific technology approach when it doesn't make sense. Intel vPro has advanced functionality that required considerable amounts of R&D investment and for most technology companies, we all develop advance features and hope to get compensated for our investments.

But I think what you're saying is that you would rather see vPro available everywhere including consumer-grade PCs which is not the case today. I can relay your message to our friends at Intel, for what it's worth, but wouldn't hold your breath because remember, we're just a software virtualization company in Silicon Valley doing our best to fight the good fight and help customers where we can.




vPro will most likely never be free. It is a management feature to meet business needs for remote management/diagnostic testing on hardware. It would be like if Citrix gave away Essentials for XenServer.

Intel has the right idea with vPro, but they are very generous with their ROI calculations because the opex of hardware costs is minimal compared to the opex of software costs.

Take note on XC Hardware Compatibility that vPro is highly recommended but not required. Intel is probably using XC to push vPro, for any other desktop virt vendors this will not be the case due to their distance with Intel.


I see all of your points being very valid however the horsepower on Netbooks and the ATOM processor is very limited. The use cases for local execution would only be for offline use and platform utilization would be minimal.

Offline use is a feature that is being banged around too often. Offline use is only usefull for os/apps that don't require online resources like databases or data. Granted we can take the data offline as well, but the management of that is currently at the user level and can get cumbersome.

When I want local execution it would be because:

1. user experience

2. app compatibility

3. offline use

4. utilize cheaper desktop resources vs expensive server resources

can't think of anymore at the moment, but you get my point.

Don't get me wrong, it should be every vendor's goal to support all device models whether they are high end or low end. But the use cases for them may not necessarily be the same either.


I have to eat my words about vPro - tons of features that I never knew existed.


@doug. I am not saying don't use features to enable use cases that people may want. I am simply saying don't depend on vPro. Using Intel vPro besides cost is just like using a thin client from Wyse you are locked in for years and if the hardware guy can't do something or the sw product you use won't do something on vPro version x, you are screwed. Management is not part of hardware, which is a low cost commodity item. I want to be able to counter Intel prices with AMD and if I am locked into vPro I can't. Therefore fine if people want to use it, and I get Intel is trying to create an ecosystem, but don't get fooled. If you build mgmt practices for a tiny amount of enterprise laptops then extending those benefits to the consumer is impossible. If Intel really wanted to make it a standard, vPro would be on the majority of their laptops in the consumer space as well. Citrix annoy me, that even though it appears XC does not need vPro they keep talking about it, and I see right through the back hand marketing handshake between the two companies.