Intel® Business Client Software Development
Support for Intel® vPro™ software development and technologies associated with Intel vPro platforms.
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
1370 Discussions

IDE-R protocol and authentication ?

ravanrip
Beginner
‎05-12-2011 11:04 AM
340 Views
Solved Jump to solution
Hi, I was wondering what protocol IDE-R uses ? Is it simply tftp, or something proprietary ? Are there places in the protocol where one could digitally sign the image and check it on the client ?

I'm concerned with tampering of the image as it traverses the network, and authentication as well to make sure the image is coming from my SCS server and not some rogue on the network.

Thanks!
0 Kudos
1 Solution
RBens2
Valued Contributor I
‎05-12-2011 11:41 AM
340 Views
Solved Jump to solution
Hi Ravanrip,

If you're concerned about the image getting hijacked, then you need to setup the system to do TLS. TLS will encrypt the data as it traverses the network. The datasteam will be as secure as any other Internet data stream.

Regards,
Roger

View solution in original post

0 Kudos
Copy link

Link Copied

3 Replies
RBens2
Valued Contributor I
‎05-12-2011 11:41 AM
341 Views
Solved Jump to solution
Hi Ravanrip,

If you're concerned about the image getting hijacked, then you need to setup the system to do TLS. TLS will encrypt the data as it traverses the network. The datasteam will be as secure as any other Internet data stream.

Regards,
Roger
0 Kudos
Copy link
ravanrip
Beginner
‎05-12-2011 11:51 AM
340 Views
Solved Jump to solution
Interesting. So I found information that one can connect to the AMT via TLS but if you remotely boot a machine with IDE-R is it still TLS secured ? or does this protection exist only when communicating with the AMT for things like assets etc. ?
0 Kudos
Copy link
RBens2
Valued Contributor I
‎05-12-2011 02:49 PM
340 Views
Solved Jump to solution
When you configure the system in Enterprise mode with TLS, all of the data between the remote management console and the MEcan beencrypted, including all of the IDER traffic. The TLS connection is only between the Remote console and the ME. Any traffic between the image that was booted and the remote console is the responsibility of the image.

Regards,
Roger
0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.