RealTime IT News

Phoenix Next-Gen BIOS Rising in PCs, Servers

BIOS maker Phoenix Technologies is expanding the company's next-generation firmware to include PCs, servers, embedded devices and appliances.

The announcement, slated for Tuesday, comes six months after the Milpatas, Calif., company debuted Core System Software (CSS) for notebooks, which it called the fastest-growing hardware requirement in the enterprise.

Tuesday's news expands CSS to other enterprise-centric systems: not just PCs and servers, but also embedded devices like PDAs and point-of-sale (POS) terminals.

CSS, according to Phoenix officials, is the next step forward in the evolution of the BIOS, the software layer that fires up software drivers that control hardware before the operating system boots.

Like its notebook counterpart, the new firmware for PCs, servers and embedded devices comes with an embedded 128-bit encrypted key that authenticates the machine against the network. If employees or unauthorized users try to hop on the network without a valid key, they can either be bounced out of the network or sent into a "sandbox" that sits outside of critical network areas.

Phoenix's Award BIOS is found on four out of every five x86-based PCs around the world, but officials say the technology is dated and modeled on standalone PCs of the early 80's. Using that antiquated technology in today's always-on and OnDemand world, they said, can be dangerous for an enterprise system that wasn't designed for networked systems.

"As soon as you put a device on the network, a set of new requirements become critical that weren't there for standalone devices, things like providing trust and security, providing a level of manageability, things that are important in the management of a network," said Michael Goldgof, Phoenix senior vice president of marketing and products.

The industry standard these days is to throw up firewalls, proxy servers and anti-virus software to keep out most of the unwanted network intrusions. But malicious hacks and viruses still plague IT departments today; with CSS, security resides within the system itself.

"The Sasser worm proved that perimeter defenses are no longer sufficient," Goldgof said. "It was basically able to drill through the firewall and bring down or interfere with the operation of computers. So the device-level security and trust is critical."

What it comes down to is putting more functionality into an area that was once reserved for just core operations like POST (Power-On Self Test) . With CSS, the POST and BIOS boot up functions are there, but now they include the embedded crypto engine and the ability to store application data.

The company is also reaching out to developers with its CoreArchitect program, which will let them program their own utilities and functionality inside the CSS.

For the time being, development exists only within the Microsoft .NET framework. Robert Wise, director of product marketing at Phoenix, said he expects Java compatibility in the future. Earlier this year, Phoenix announced its CoreArchitect program would be tightly integrated with Visual Studio .NET 2003.

"Our first adopters have told us that Microsoft is priority one," he said. "We're beginning to get some input that J2EE will be important to do. As we gather more input we will certainly look at that as a roadmap item."