When you reference the base hypervisor I assume you are referring to AMT. If this is the case, the current implementation of desktop AMT offers no support for 802.1x. If the PC is in an OOB state then no communication can occur as there is no authentication mechanism in the desktop version of AMT.
AMT 2.5 for mobile platforms and AMT 3.0 for desktops, desktop not released yet, have support for 802.1x. To what degree the support is offered and how it is implemented I am unsure.
A possible option is to implement a Guest VLAN in your 802.1x implementation. This will allow you to perform AMT/VA functions to repair the PC and then let it re-authenticate itself using the OS layer.
Thanks for the question. Support for 802.1x is available starting from AMT 2.5 onwards. Currently the virtual appliance model does not support 802.1x. As for deploying the vPro systems with 2.0, 2.1 firmware in an 802.1x environment, you can setup a VLAN for AMT to be functionalfor out of band scenario. This way you will have access to the box and be able to perform the remediation and utilize other AMT features.
Starting from AMT 2.5 and 3.0, 802.1x is supported and the AMT firmware will be able to perform the authentication in the case when host OS is not available. This will allow for the availability of AMT out of band regardless of the host OS state and power state. There are certain limitations on the availability of AMT in wireless platforms (AMT 2.5) and you can find more details here:
Hope this helps.