You are correct, if, your IAMT management console does not allow you to change the default port numbers. This said, there are a few work arounds: Probably the best would be to get yourself a VPN router (I would recommand a Linksys WRT54GS with the DD-WRT firmware and use PPTP to VPN into your network. I use this at home and it's great). This solution is also way more secure if you run your computers in "Small Buisness Mode", since it will add encryption.
A different a also very good solution is to SSH into a computer on your network and use SSH tunneling to the computer you want to manage. This is also very secure, you can only manage one at a time, but it's easy to change the mapping.
When you have a VPN setup, you can address all of the machines on the private network just like if you where connected to the private network. So, it will certainly work. Youshould look at OpenVPN for example, it will do the job, but I have never used it myself. With a VPN, your remote computer will get an IP address from the private network and can fully interact with machines on the private network.
1. Ha yes, I just looked at the Intel libraries and you are correct, the port is fixed.
2. Alerts include the platform GUID and so, you should be ok.
3. That's correct.
In general, I would look into setting up a VPN. Even if you where to change the port numbers, it's not as elegent a solution as using a VPN.