Wave Systems Corp. (fka WAVXQ)

[New Wave]

XenClient 1.0 is apparently still a work in progress and does not yet support either TxT or TPMs. Samk, I believe the VMs featured in the NSA/HAP video were built on Type 2 hypervisors where the TPM provides an extra layer of security for network authentication and platform attestation, whereas XenClient is the newer Type 1 bare metal hypervisor which pretty much requires a TPM to be sufficiently secure at its core. It'll be interesting to see just how soon Dell and HP follow through on their plans to make XenClient available as a factory installed feature.

The following is shown on page 6 of the User Guide:

Installing XenClient

The first step in installing XenClient is to ensure that your computer has the correct BIOS settings. As a general rule
please ensure that:
• SATA is setup to use AHCI mode.
• Intel (R) Virtualization Technology is enabled.
• The Intel (R) VT-d and VT-x features are enabled.
• Trusted Execution Technology (TXT) and the Trusted Platform Module (TPM) are disabled.

http://support.citrix.com/servlet/KbServlet/download/24997-102-648184/XenClient_1_0_User_Guide.pdf


From Brian Madden on Oct 4th:

"What's interesting is that about a month ago I blogged about Intel vPro and basically wondered why Intel forced ISVs like Citrix and RingCube to require it and wondered whether there were any real-world advantages to vPro? The defenders of vPro cited examples like TxT (Trusted eXecution Technology) as example of how vPro is awesome with client hypervisors, but then in the XenClient 1.0 User Guide we learn that TxT and TPM are not supported by XenClient!?! WTF???"

http://www.brianmadden.com/blogs/brianmadden/archive/2010/10/04/citrix-releases-quot-xenclient-1-0-quot-their-client-hypervisor-don-t-waste-your-time-it-s-not-ready.aspx