Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
3018 Discussions

Intel AMT, vPRO HTTPS support

mkoch
Beginner
‎08-26-2024 02:26 AM
1,523 Views
Solved Jump to solution

A quick question. From which version of Intel AMT or vPro is it possible to access the remote management with HTTPS (encrypted)?

0 Kudos
1 Solution
Arun_Intel1
Employee
‎08-27-2024 10:19 AM
1,453 Views
Solved Jump to solution

Hi Mkoch,


Greetings!


Please be informed that 16992-16993 port changes were implemented with Core 13th gen processors and 12gen after a BIOS update.

Hence the port 16993 is the one that is open.


Please find the same in the below given note and the link provided.


Starting from Alder Lake platforms with Raptor Lake CPUs running Intel CSME 16.1 firmware, 

remote connections to Intel AMT unsecure TCP/IP ports 16992, 16994 and 623 are no longer supported.

TLS ports 16993, 16995 and 664 must be used for connecting to Intel AMT.

Starting from Intel CSME 19 firmware on Arrow Lake platforms, connecting to Intel AMT without TLS is not supported at all (i.e., also local connections must use TLS ports).


https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=WordDocuments%2Fintelamtandsecurityconsiderations1.htm


Best Regards

Arun_Intel


View solution in original post

Copy link

Link Copied

5 Replies
Arun_Intel1
Employee
‎08-27-2024 10:19 AM
1,454 Views
Solved Jump to solution

Hi Mkoch,


Greetings!


Please be informed that 16992-16993 port changes were implemented with Core 13th gen processors and 12gen after a BIOS update.

Hence the port 16993 is the one that is open.


Please find the same in the below given note and the link provided.


Starting from Alder Lake platforms with Raptor Lake CPUs running Intel CSME 16.1 firmware, 

remote connections to Intel AMT unsecure TCP/IP ports 16992, 16994 and 623 are no longer supported.

TLS ports 16993, 16995 and 664 must be used for connecting to Intel AMT.

Starting from Intel CSME 19 firmware on Arrow Lake platforms, connecting to Intel AMT without TLS is not supported at all (i.e., also local connections must use TLS ports).


https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=WordDocuments%2Fintelamtandsecurityconsiderations1.htm


Best Regards

Arun_Intel


Copy link
mkoch
Beginner
‎08-28-2024 01:44 AM
1,426 Views
Solved Jump to solution

So with  CPU Gen 12 and AMT 16 it is possible to use TLS?

And with beginning of Gen 13 it is the default.

0 Kudos
Copy link
Arun_Intel1
Employee
‎08-28-2024 11:33 AM
1,404 Views
Solved Jump to solution

Hi MKoch,


Greetings!


To answer your query, by default, Intel® Core 13th gen processors support secure TLS connections only.

Gen 12, after a BIOS update, only TLS is supported.

Older processor versions support non-TLS and TLS connections (at least higher than 7th gen).


Best Regards

Arun_Intel


0 Kudos
Copy link
mkoch
Beginner
‎08-29-2024 12:07 AM
1,362 Views
Solved Jump to solution
In response to Arun_Intel1

Hi Arun_Intel,

thank you, that answers my question completely.

In response to Arun_Intel1
0 Kudos
Copy link
Arun_Intel1
Employee
‎08-29-2024 09:14 AM
1,350 Views
Solved Jump to solution

Hi NKock,


Greetings!


Glad that we were answer your query, and please feel free to contact us going forward for any further query, we are more than happy to assist you!


We shall proceed to close this case.


Best Regards

Arun_Intel


0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.