IAMT_TOC

download IAMT_TOC

of 7

Transcript of IAMT_TOC

  • 8/8/2019 IAMT_TOC

    1/7

    Chapter 1 - Introduction to Platform ManageabilityPlatform ManageabilitySystem ManageabilityManageability Problems

    Asset InventoryComputer RepairComputer SecurityPower Savings

    Possible SolutionsIn-band versus Out-of-bandManagement Agents

    Out-of-band and Agent-lessManagement in Low Power States

    Summary

  • 8/8/2019 IAMT_TOC

    2/7

    Chapter 2 - History of ManageabilityProtocol and Data ModelSimple Network Management ProtocolDesktop Management InterfaceWired for ManagementIntelligent Platform Management Interface

    Alert Standard FormatCommon Information ModelAbstraction and ClassificationObject InheritanceAbility to Depict Dependencies, Component and Connection AssociationsStandard, Inheritable MethodsSummary

    Chapter 3 - Manageability StandardsCommon Information Model (CIM)

    UML DiagramManaged Object Format (MOF)

    CIM Object Manager (CIMOM)

    CIM ProfilesWeb-Based Enterprise Management (WBEM)WS-ManagementSummary

    Chapter 4 - Overview of Intel vPro PlatformsIntel vPro Value VectorsIntel vPro Ingredients

    Intel Core2 Processor with vPro TechnologyChipsetsGigabit EthernetPlatform BIOSSoftware Applications

    Key Intel vPro TechnologiesIntel Virtualization Technology (Intel VT)Intel Trusted Execution Technology (Intel TXT)

    Summary

    Chapter 5 - Intel Active Management Technology OverviewKey Characteristics

    Out of Band AccessLow Power OperationOperation in Various System StatesOS-Independent Agent-less SolutionTamper-Resistant Solution

    Discover, Heal, and Protect

    Key CapabilitiesHardware InventorySoftware InventoryHardware Health and Platform SensorsRemote Power ControlBoot ControlText Console RedirectionDisk RedirectionPersistent NVRAM Log

  • 8/8/2019 IAMT_TOC

    3/7

    AlertsThird Party Data Store (3PDS)Agent PresenceSystem DefenseEndpoint Access Control

    Interfaces and ProtocolsNetwork AccessLocal Access

    Intel AMT and Enterprise InfrastructureActive Directory IntegrationSetup and Configuration ServerManagement ConsolesCertificate ServerBIOSRouters, Access Points, and ServersDHCP and DNSWi-Fi Access PointsSecurity Compliance Suites

    Summary

    Chapter 6 - Solving End User Problems with Intel vPro ManageabilityProtect from a Worm OutbreakTracking Hardware AssetsFixing a Blue ScreenCompliance Network AlertTracking Power UsageChanging BIOS Settings RemotelyRemote Platform DiagnosticsLockup Detection and Power ControlSummary

    Chapter 7 - The Components of Intel Active Management TechnologyHardware Architecture

    Intel Manageability Engine (Intel ME)Memory for the Intel MENonvolatile Storage for the Intel MENetwork Access to Intel MEProtected ClockTrue Random Number GeneratorChipset Fuse Key

    Firmware ArchitectureIntel ME ROMIntel ME Kernel

    Intel ME Common ServicesIntel AMT Firmware Applications

    Software ArchitectureIntel AMT BIOS ComponentLocal Software ComponentsRemote Software Components

    Power Management States of Intel AMTSummary

  • 8/8/2019 IAMT_TOC

    4/7

    Chapter 8 - Discovery of Platforms and InformationNetwork Scanning for Intel AMTObtaining Intel AMT FeaturesObtaining Management InformationAsset Inventory

    Intel AMT Event Log

    Intel AMT Network AlertsEvent Log and Alert FiltersComputers Power, Battery, and Lockup State

    Third Party Data Storage (3PDS)3PDS Allocation SystemSummary

    Chapter 9 - Healing the PlatformsRemote IDE (IDE-R)

    IDE-R ProtocolIDE-R SpeedBooting a Recovery OS

    Serial-over-LAN (SOL)

    Serial-over-LAN ProtocolSerial-over-LAN SpeedBIOS Using Serial-over-LANOS Applications Using Serial-over-LANBuilding a Serial-over-LAN TerminalAdvanced Uses of Serial-over-LAN

    Summary

    Chapter 10 - Protecting the PlatformsSystem Defense

    Network FiltersNetwork PoliciesAnti-Spoofing Filter

    Rate Throttling FilterHeuristic Filter

    Heuristic PolicyHeuristic Filter DemonstrationHeuristic Filter Limitations

    Agent PresenceApplication HeartbeatTaking Action

    Summary

    Chapter 11 - Connecting and Communicating with Intel ActiveManagement Technology

    Connection

    Port UsagesAuthentication and AuthorizationEnvironment DetectionIntel AMT VPN Flag

    Local Host AccessImplementation of the VPN Flag

    Summary

  • 8/8/2019 IAMT_TOC

    5/7

    Chapter 12 - Internet Platform ManagementEnvironment DetectionIntel Fast Call for Help ProtocolIntel Fast Call for Help Policies

    Connection TriggersFast Call for Help Network Routing

    Fast Call for Help Security and AuthenticationFast Call for Help ConnectionIntel vPro enabled GatewayManageability DTK and Fast Call for HelpFast Call for Help Network SpeedFast Call for Help ConsiderationsSummary

    Chapter 13 Using Intel Active Management Technology in Small andMedium-Sized Businesses

    InstallationManageability CommanderConnecting

    Remote displayIntel System DefenseSummary

    Chapter 14 - Securing Intel Active Management Technologyfrom Attacks

    Threats to an Intel AMT ComputerLocal AttacksRemote AttacksIntel AMT Process and Memory IsolationIntel AMT Nonvolatile Storage IsolationFirmware SecurityIntel AMT BIOS Security

    Securing the Communication with Intel AMTAuthentication to Intel AMTAccess Control in Intel AMTTrusted Time in Intel AMT

    Summary

    Chapter 15 - Advanced Security Mechanisms in Intel Active ManagementTechnology

    True Random Number GeneratorSecure Storage of Sensitive Data Blob Service

    Chipset Fuse KeyMonotonic Counters

    Measured Launch of Intel AMT FirmwareSecurity Audit LogsSeparation of DutiesAudit Log RecordsPosting an Event to the LogAuditing PolicyThe Audit Trail

    Summary

  • 8/8/2019 IAMT_TOC

    6/7

    Chapter 16 - Privacy Protections in Intel Active Management TechnologyPrivacy in the World of Technology

    Privacy in the WorkplaceWhat Constitutes Private Information?The Legal Aspect of Privacy

    Importance of Privacy in Intel AMT

    Privacy Protection Mechanisms in Intel AMTOpt-in and Opt-outSecure Local ConfigurationEnd-user NotificationPrivate Data Storage ProtectionSecure Communication of InformationMitigating the Rogue Administrator

    Summary 13

    Chapter 17 - Deploying and Configuring Intel Active ManagementTechnology

    What Is Setup and Configuration for Intel AMT?Deployment Scenarios

    Factors to ConsiderIntel AMT Setup and Configuration OverviewIntel AMT Web Based ConfigurationIntel AMT Enterprise Configuration Methods

    Pre-shared Key TLS-based Configuration ProtocolAsymmetric Key TLS-based Configuration ProtocolConfiguring Enterprise DataConfiguration Audit RecordBare Metal Configuration

    Summary

    Chapter 18 - Developing Solutions for Intel Active ManagementTechnology

    Complete Re-useSupporting Serial-over-LAN

    Selecting a TerminalSelecting a Software Stack

    Selecting a WSMAN StackUsing the WSMAN TranslatorUsing the Manageability DTK StackManageability Stack ServicesCertificate OperationsKerberos SupportSummary

    Chapter 19 - Support for WS-Man and CIM ProfilesWS-Management Support in Intel AMT

    Intel AMT Data ModelDASH ProfilesIntel AMT Extension ProfilesSummary

  • 8/8/2019 IAMT_TOC

    7/7

    Appendix A - Quick Intel Active Management Technology SetupIdentify If You Have an Intel vPro SystemSetup Intel AMT SystemConfigure a Browser to ConnectConnect and ExploreNotables

    Summary