8/8/2019 IAMT_TOC

1/7

Chapter 1 - Introduction to Platform ManageabilityPlatform ManageabilitySystem ManageabilityManageability Problems

Asset InventoryComputer RepairComputer SecurityPower Savings

Possible SolutionsIn-band versus Out-of-bandManagement Agents

Out-of-band and Agent-lessManagement in Low Power States

Summary

8/8/2019 IAMT_TOC

2/7

Chapter 2 - History of ManageabilityProtocol and Data ModelSimple Network Management ProtocolDesktop Management InterfaceWired for ManagementIntelligent Platform Management Interface

Alert Standard FormatCommon Information ModelAbstraction and ClassificationObject InheritanceAbility to Depict Dependencies, Component and Connection AssociationsStandard, Inheritable MethodsSummary

Chapter 3 - Manageability StandardsCommon Information Model (CIM)

UML DiagramManaged Object Format (MOF)

CIM Object Manager (CIMOM)

CIM ProfilesWeb-Based Enterprise Management (WBEM)WS-ManagementSummary

Chapter 4 - Overview of Intel vPro PlatformsIntel vPro Value VectorsIntel vPro Ingredients

Intel Core2 Processor with vPro TechnologyChipsetsGigabit EthernetPlatform BIOSSoftware Applications

Key Intel vPro TechnologiesIntel Virtualization Technology (Intel VT)Intel Trusted Execution Technology (Intel TXT)

Summary

Chapter 5 - Intel Active Management Technology OverviewKey Characteristics

Out of Band AccessLow Power OperationOperation in Various System StatesOS-Independent Agent-less SolutionTamper-Resistant Solution

Discover, Heal, and Protect

Key CapabilitiesHardware InventorySoftware InventoryHardware Health and Platform SensorsRemote Power ControlBoot ControlText Console RedirectionDisk RedirectionPersistent NVRAM Log

8/8/2019 IAMT_TOC

3/7

AlertsThird Party Data Store (3PDS)Agent PresenceSystem DefenseEndpoint Access Control

Interfaces and ProtocolsNetwork AccessLocal Access

Intel AMT and Enterprise InfrastructureActive Directory IntegrationSetup and Configuration ServerManagement ConsolesCertificate ServerBIOSRouters, Access Points, and ServersDHCP and DNSWi-Fi Access PointsSecurity Compliance Suites

Summary

Chapter 6 - Solving End User Problems with Intel vPro ManageabilityProtect from a Worm OutbreakTracking Hardware AssetsFixing a Blue ScreenCompliance Network AlertTracking Power UsageChanging BIOS Settings RemotelyRemote Platform DiagnosticsLockup Detection and Power ControlSummary

Chapter 7 - The Components of Intel Active Management TechnologyHardware Architecture

Intel Manageability Engine (Intel ME)Memory for the Intel MENonvolatile Storage for the Intel MENetwork Access to Intel MEProtected ClockTrue Random Number GeneratorChipset Fuse Key

Firmware ArchitectureIntel ME ROMIntel ME Kernel

Intel ME Common ServicesIntel AMT Firmware Applications

Software ArchitectureIntel AMT BIOS ComponentLocal Software ComponentsRemote Software Components

Power Management States of Intel AMTSummary

8/8/2019 IAMT_TOC

4/7

Chapter 8 - Discovery of Platforms and InformationNetwork Scanning for Intel AMTObtaining Intel AMT FeaturesObtaining Management InformationAsset Inventory

Intel AMT Event Log

Intel AMT Network AlertsEvent Log and Alert FiltersComputers Power, Battery, and Lockup State

Third Party Data Storage (3PDS)3PDS Allocation SystemSummary

Chapter 9 - Healing the PlatformsRemote IDE (IDE-R)

IDE-R ProtocolIDE-R SpeedBooting a Recovery OS

Serial-over-LAN (SOL)

Serial-over-LAN ProtocolSerial-over-LAN SpeedBIOS Using Serial-over-LANOS Applications Using Serial-over-LANBuilding a Serial-over-LAN TerminalAdvanced Uses of Serial-over-LAN

Summary

Chapter 10 - Protecting the PlatformsSystem Defense

Network FiltersNetwork PoliciesAnti-Spoofing Filter

Rate Throttling FilterHeuristic Filter

Heuristic PolicyHeuristic Filter DemonstrationHeuristic Filter Limitations

Agent PresenceApplication HeartbeatTaking Action

Summary

Chapter 11 - Connecting and Communicating with Intel ActiveManagement Technology

Connection

Port UsagesAuthentication and AuthorizationEnvironment DetectionIntel AMT VPN Flag

Local Host AccessImplementation of the VPN Flag

Summary

8/8/2019 IAMT_TOC

5/7

Chapter 12 - Internet Platform ManagementEnvironment DetectionIntel Fast Call for Help ProtocolIntel Fast Call for Help Policies

Connection TriggersFast Call for Help Network Routing

Fast Call for Help Security and AuthenticationFast Call for Help ConnectionIntel vPro enabled GatewayManageability DTK and Fast Call for HelpFast Call for Help Network SpeedFast Call for Help ConsiderationsSummary

Chapter 13 Using Intel Active Management Technology in Small andMedium-Sized Businesses

InstallationManageability CommanderConnecting

Remote displayIntel System DefenseSummary

Chapter 14 - Securing Intel Active Management Technologyfrom Attacks

Threats to an Intel AMT ComputerLocal AttacksRemote AttacksIntel AMT Process and Memory IsolationIntel AMT Nonvolatile Storage IsolationFirmware SecurityIntel AMT BIOS Security

Securing the Communication with Intel AMTAuthentication to Intel AMTAccess Control in Intel AMTTrusted Time in Intel AMT

Summary

Chapter 15 - Advanced Security Mechanisms in Intel Active ManagementTechnology

True Random Number GeneratorSecure Storage of Sensitive Data Blob Service

Chipset Fuse KeyMonotonic Counters

Measured Launch of Intel AMT FirmwareSecurity Audit LogsSeparation of DutiesAudit Log RecordsPosting an Event to the LogAuditing PolicyThe Audit Trail

Summary

8/8/2019 IAMT_TOC

6/7

Chapter 16 - Privacy Protections in Intel Active Management TechnologyPrivacy in the World of Technology

Privacy in the WorkplaceWhat Constitutes Private Information?The Legal Aspect of Privacy

Importance of Privacy in Intel AMT

Privacy Protection Mechanisms in Intel AMTOpt-in and Opt-outSecure Local ConfigurationEnd-user NotificationPrivate Data Storage ProtectionSecure Communication of InformationMitigating the Rogue Administrator

Summary 13

Chapter 17 - Deploying and Configuring Intel Active ManagementTechnology

What Is Setup and Configuration for Intel AMT?Deployment Scenarios

Factors to ConsiderIntel AMT Setup and Configuration OverviewIntel AMT Web Based ConfigurationIntel AMT Enterprise Configuration Methods

Pre-shared Key TLS-based Configuration ProtocolAsymmetric Key TLS-based Configuration ProtocolConfiguring Enterprise DataConfiguration Audit RecordBare Metal Configuration

Summary

Chapter 18 - Developing Solutions for Intel Active ManagementTechnology

Complete Re-useSupporting Serial-over-LAN

Selecting a TerminalSelecting a Software Stack

Selecting a WSMAN StackUsing the WSMAN TranslatorUsing the Manageability DTK StackManageability Stack ServicesCertificate OperationsKerberos SupportSummary

Chapter 19 - Support for WS-Man and CIM ProfilesWS-Management Support in Intel AMT

Intel AMT Data ModelDASH ProfilesIntel AMT Extension ProfilesSummary

8/8/2019 IAMT_TOC

7/7

Appendix A - Quick Intel Active Management Technology SetupIdentify If You Have an Intel vPro SystemSetup Intel AMT SystemConfigure a Browser to ConnectConnect and ExploreNotables

Summary