
Activation Blog

5 Posts authored by: Josh Hilliker

I was recently asked about the security of vPro and Intel Active Management Technology, therefore I started to pull together all the resources I leverage when discussing this topic and helping to alleviate the concerns of the Information Security folks in the IT shops. Here are those links, and if you find additional ones that help, please add on to the blog.

 

Hardening Measures Built into Intel® Active Management Technology

http://softwarecommunity.intel.com/articles/eng/3703.htm

 

AMT System Defense Usecases

http://communities.intel.com/docs/DOC-1278

 

Intel® Active Management Technology Protect Use Cases

http://softwarecommunity.intel.com/articles/eng/1031.htm

 

Intel® Active Management Technology Use Case #7: Hardware-Based Isolation and Recovery (Protect)

http://softwarecommunity.intel.com/articles/eng/1179.htm

 

 

 

If you have any questions on the security of vPro, please let me know.

0 Comments Permalink

If you are seeing any failures in your log around setting the hostname during a Remote configuration, it could be due to an underscore in the host name. Check out Terry Cutler's post on Altiris Juice @ http://juice.altiris.com/tech-tip/1622/underscore-not-supported-in-intel-amt-hostnames . Terry references RFC 952, the DoD Internet host table specification, @ http://www.faqs.org/rfcs/rfc952.html. Here are the assumptions from that specification.

 

ASSUMPTIONS

 

1. A "name" (Net, Host, Gateway, or Domain name) is a text string up to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus sign (-), and period (.). Note that periods are only allowed when they serve to delimit components of "domain style names". (See RFC-921, "Domain Name System Implementation Schedule", for background). No blank or space characters are permitted as part of a name. No distinction is made between upper and lower case. The first character must be an alpha character. The last character must not be a minus sign or period. A host which serves as a GATEWAY should have "-GATEWAY" or "-GW" as part of its name. Hosts which do not serve as Internet gateways should not use "-GATEWAY" and "-GW" as part of their names. A host which is a TAC should have "-TAC" as the last part of its host name, if it is a DoD host. Single character names or nicknames are not allowed.
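One way to catch offending names before a provisioning run is to check the inventory against the naming rules quoted above. This is an added example, not code from the original post or from Intel or Altiris; the function names and the sample hostnames are hypothetical, and it enforces only the character, length and first/last-character rules from assumption 1.

```python
import string

# Rules taken from assumption 1 of RFC 952 as quoted above (names are case-insensitive).
ALLOWED = set(string.ascii_letters + string.digits + "-.")
MAX_LEN = 24


def rfc952_violations(name):
    """Return the RFC 952 rules that `name` breaks; an empty list means it passes."""
    problems = []
    if len(name) < 2:
        problems.append("single-character or empty names are not allowed")
    if len(name) > MAX_LEN:
        problems.append(f"longer than {MAX_LEN} characters ({len(name)})")
    bad = sorted({c for c in name if c not in ALLOWED})
    if bad:
        problems.append("illegal characters: " + " ".join(repr(c) for c in bad))
    if name and name[0] not in string.ascii_letters:
        problems.append("first character must be a letter")
    if name and name[-1] in "-.":
        problems.append("last character must not be '-' or '.'")
    if ".." in name:
        problems.append("periods may only delimit non-empty components")
    return problems


def audit(hostnames):
    """Map each failing hostname to its violations so it can be renamed first."""
    report = {}
    for host in hostnames:
        problems = rfc952_violations(host)
        if problems:
            report[host] = problems
    return report


# Constructed sample inventory (hypothetical names, not from the original post).
SAMPLE_HOSTS = [
    "LAB-PC01",
    "lab_pc_02",
    "9thfloor-kiosk",
    "kiosk-",
    "pc01.corp.example",
    "finance-laptop-workstation-0001",
]

if __name__ == "__main__":
    for host, problems in audit(SAMPLE_HOSTS).items():
        print(f"{host}: {'; '.join(problems)}")
```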

0 Comments Permalink

Nick & I got together this week and evaluated a few platforms for their AMT settings in the BIOS. In this video, Nick explains how to get into each BIOS and where the options for AMT are (or for that case where they are NOT).

 

 

Here are a few screen shots of two of the platforms. We are also going to publish a matrix of the systems with drivers and BIOS settings that Frank has been working on. Stay tuned for the link.

 

 

0 Comments Permalink

I witnessed our Internal IT guys defining a BKM that I thought was very relevant to share out to the community, therefore let me explain.

 

Challenge: How can you use a mgmt console to read the AMT version so you can write a report in your mgmt console?

 

Output: You need to have a value placed into the registry that has data, whether it's all of the BIOS, MEBx, SOL, HECI, etc. driver versions; then you can read this data into a mgmt report.

 

Solution: run MEInfowin.exe and redirect the output to a text file using the “>” operator

Example --

 

 

 

Then you need to write a program in your favorite language, such as VB script or C#, to read through that text file and write the desired info to the registry.

 

Then use your mgmt console to read these values & report out. The internal IT guys are doing this to check versions.

 

Thanks Intel IT folks for the BKM.

4 Comments Permalink

In my last blog I mentioned a group of us got together to showcase the technology in the Intel Labs. In this video, Frank, who will be at ManageFusion, & myself showcased the Patching use case of how you can wake a system up, patch & then return to powered off state. The value is in the effectiveness of powering the machine, patching and then shutting it down as quickly as it started.

 

 

The same note here, if you are interested in how we specifically wrote the job please let us know and we can add that detail out here as well. I also have a detailed screen by screen view if of interest.

2 Comments Permalink