Intel® Business Client Software Development
Support for Intel® vPro™ software development and technologies associated with Intel vPro platforms.
1381 Discussions

Can AMT get to a remote computer that it's not on a local network

Ahmed_M_1
Beginner
‎09-23-2007 03:30 PM
362 Views

Well i have been following AMT for a while now and all posts/Videos and demos are on the part that the Client machine is on the same network. But this is not always right when Clients are away from the Company and living at a hotel or something that's yet not on the Local Network.

With my experience in such things there should have been a VPN Client to run on the OS to be able to be part of the Company's local network, and a VPN Concentrator in the Company.

Is that supported at AMT or shall i begin thinking of doing one, and is it possible to do it in the first place. if not what's hard about it or why cant we do it. Our graduation project is based on AMT with 2 phases one of them is adding new functionalities and the other is Extending the DTK on windows and Developing one for Linux with Java.

Ideas would be Great and thnx.

0 Kudos

Link Copied

2 Replies
Ajith_I_Intel
Employee
‎09-24-2007 09:27 AM
362 Views

Hi There,

That is very good observation that AMT client need to be on the local network. Mobile platforms enabled with AMT are more likely to be taken out of the local network and be put to use in various places (for example home, hotel, coffee shops etc).

Now one would argue that when this platform is not in the local network (which is considered secure), its not a good idea to expose the manageability interface that can potentially be accessible to hackers. In order to address this platform, we have a feature called environment detection.

As part of provisioning AMT, one would define what are the local domains where you would like manageability interface to be available. Once you move the client to a non-local domain, environment detection triggers and shuts off the manageability interface. Now you might say, what if I need to access help from your IT department when you are not at work.

To address this issue, we have an option to enable VPN routing. The idea is that when you connect to your corporate network through a VPN connection in your OS, and if VPN routing is enable, AMT can be accessed through the VPN connection. All of the traffic to AMT will be intercepted by Local Manageability Service (LMS) and directed to AMT through the HECI driver.

Other alternative is to include a VPN client as part of the AMT firmware to address this issue but since VPN interface is not standardized and is custom to each corporation, it would not be a viable option. As far as you developing something around this, you will not be able to add features to firmware.

Hope this helps. Comments and feedback are welcome.

0 Kudos
Copy link
Ahmed_M_1
Beginner
‎09-24-2007 12:57 PM
362 Views

I cant cause it's not open for public to do what they want with itor i cant cause it's hard to be done as a graduation project?!

Well i just wanted to tell that we are Trainees at Intel Egypt PDC LAB and we are being Sponsored by Intel. Would that change things out and give us the abillity to do it orit's still not, Also Yilan told me that you guys are upto doing it but not before AMT 5.0 which i guess to faaaAaaAr from now and i guess we can be helping Getting it to Light Faster than it is.

Also i need to Join the MS ImagineCup 2008 with AMT Functionality in the Theme of Technology helps for Better Enviroment, and i thought Power Management and control would be a good point to Start with.

Support would be really aprechiated

thanks,

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.