Have you been hearing all the news on vPro? Check out this document for the latest update of models available through 8 different Original Equipment Manufacturers.

Order an Intel® vPro™ technology "Activation-Ready" PC

</h3>

Did you know that vPro has the capability to give you remote GUI access out-of-band (OOB) using the serial-over-LAN (SoL) interface? It's true.

Normally we think of SoL as a solution for remotely accessing BIOS or as a tool for running text based remote diagnostic utilities as part of an IDE redirection (IDR-R) session. SoL is capable of doing more than console redirection. If you look in the device manager on a vPro client and expand the Ports (COM & LPT) you will see an entry for the SoL interface:

This port allows the local operating system to interact with AMT's out-of-band connection to a management console. You can try this yourself with the following steps:

1. Open up a SoL session to your vPro client using your management console. (you can use the Manageability DTK if you do not currently have access to a management console)

2. Open up a command prompt on the vPro client you are connected to via SoL.

3. Enter the following command:

1. echo hello&gt;com3

2. Note: the actual COM port number for your SoL interface may be different, check device manager to see what it is.

4. Look at your SoL session on your management console. You should see the word "hello" appear in your console window.

So what does this all mean? It means that if you have some software monitoring the SoL port that you can send and receive data to your OS OOB.

A great example of how to leverage the SoL interface can be found in the Manageability DTK. The DTK gives you the ability to redirect TCP traffic over the SoL interface by utilizing an agent, the Manageability Outpost, on the vPro client. There is corresponding functionality available in the Manageability Commander tool and Manageability Director tools. This allows you to map a TCP port on your vPro client back to a TCP port on your management console and tunnel TCP traffic between your management console and vPro clients over the SoL connection.

If you combine TCP redirection with remote control software, like Remote Desktop, VNC and similar tools, you can enable OOB access to a full GUI on a remote machine.

I've put together a video that demonstrates how you can use this ability to remotely manage a client with a full GUI, including the ability to transfer files, using vPro's OOB management capabilities.

I recently blogged about the interview with Citrix Software's Paul Hahn, Director of Business Development / Virtualization & Management Division, and Matt Edwards, Product Manager at: http://communities.intel.com/openport/blogs/ecmf/2008/09/22/citrix-software-with-intel-vpro-technology

For part 2 of this blog, you can view the actual demonstration of the software below. In this demonstration, you will see the solution explained in much more detail.

Come see us at ManageFusion 2008 in Orlando!!

October 14-16, 2008

JW Marriott Grande Lakes, Orlando

http://www.managefusion.com/

This is your opportunity to talk with the experts face-to-face, experience the technology, hear how others are utilizing the technology, and more!!

Here's a quick summary of the Intel lineup

Intel Booth (#1)

See compelling Intel® vPro technology demos focusing on: Dynamic Virtual Client (streaming applications), manageability and client-initiated remote access.

Take part in the Intel Passport Program and receive a bamboo running cap. Also, enter to win an Intel® Centrino® notebook.

Participate in the IT Quest and get a T-shirt. And, you can enter to win an Intel® Centrino® notebook.

Tuesday, October 14

Opening Keynote: 9-10:30 am

Gregory Bryant takes part in Steve Morton's road trip.

Hands-On Lab: 10:45 -11:45 am

AP L02: Eliminate Network Attacks during Remote Software Deployment

Abstract: Protecting networks and PCs from potential threats is a full-time job; however, Intel® vPro^TM technology can help IT administrators streamline the process and better protect clients and block network access. Network filtering software is commonly used to protect the network from a client, or protect the client from a potential threat on the network. Intel vPro technology enables IT administrators to easily deploy software without making a deskside visit and even though the filter is engaged, the Notification Server can still manage the client. During this lab, attendees will learn how to deliver software and update the client while the network filters are engaged.

Instructors: John Dickensheets (ITS), Terry Cutler (Intel), Lee Bender (Symantec)

Breakout Session: 2:15-3:15 pm

AP B05: Implement Intel® vPro Technology Today

This session will give you a nuts to bolts overview of what's needed to realize the benefits of implementing Intel® vPro technology. During the session attendees will learn which OEMs are using Intel vPro technology in their PCs, the value of the Intel/Symantec solution along with implementation options and tools that facilitate self activation. If that's not enough, you will also find out which partners can assist in implementation. This is a must-attend session for those who are Intel vPro technology-serious.

Instructors: Tracie Zenti (Intel) and Matt Bingham (Symantec)

Wednesday, October 15

Breakout Session: 10:30-11:30 am

AP B09: What's Keeping You Awake At Night? Interact with Industry Experts and IT Professionals.

Abstract: This session is designed to be an interactive Q&A with the audience. Peter Kastner, industry analyst will act as moderator and attendees will hear his take on industry trends, issues and what companies are facing when it comes to their IT infrastructure. Panel members will also discuss IT pain points and how to meet the ever-changing, end-user management and security needs. Material will also address how Intel and Symantec are helping IT organizations improve efficiencies, reduce costs and prepare for the future. Presentations will be brief with most of the time devoted to taking questions from the audience.

Panel Members: Peter Kastner (Industry Analyst), Chad Perniciaro (Valerent, Inc.), Kevin Unbedacht (Symantec), Josh Hilliker (Intel), and Other participants TBD

Hands-On Lab: 12:45 -1:45 pm

*AP L02: Eliminate Network Attacks during Remote Software Deployment*

Abstract: Protecting networks and PCs from potential threats is a full-time job; however, Intel® vPro^TM technology can help IT administrators streamline the process and better protect clients and block network access. Network filtering software is commonly used to protect the network from a client, or protect the client from a potential threat on the network. Intel vPro technology enables IT administrators to easily deploy software without making a deskside visit and even though the filter is engaged, the Notification Server can still manage the client. During this lab, attendees will learn how to deliver software and update the client while the network filters are engaged.

Instructors: John Dickensheets (ITS), Terry Cutler (Intel), Lee Bender (Symantec)

The time has come, September 22nd.. Check out the link above in the image to get to the virtual experience where you can learn more about what is in vPro 2008 launch. I will be following up soon with more lab video's on this new desktop.

Here are the highlights from me:

• Fast Call for help

• Access Monitor Control

• Remote alerting

Here's Andy Tryba (Marketing Director, Digital Office Platform Division), after I caught him after the online keynote he talked through the 3 highlights.

Also here is a Landesk video showing the fast call for help (NOTE: fast forward to 3:16 where The Remotely Managing PC Outside Corporate Firewall starts)

Where to buy is being updated shortly to reflect where you can buy.

http://www.intel.com/buy/vPro.htm?iid=prod_vpro+tabs_wtb

Direct link - http://www.itsdelivers.com/?class_id=VPRO-A100

The SOL IDE-R for OS repair document was just updated and can be used to create a boot floppy or boot ISO that will allow for image redirection using SOL and IDE-R.

The SOL IDE-R for OS repair document has instructions on different methods of creating the boot floppy, where to get the setup files, and how you could use it for imaging. This document was meant for IT administrators who have knowledge on imaging, and batch file creation. The document is a framework on how to create it and should not be attempted by technicians who do not have some batch file programming or OS deployment background. There are provided samples in the document with instructions on how to create the bootable files, to add network drivers, and to image and when to use 1 for 1 imaging versus a sysprep image.

For more information, review the SOL IDE-R for OS Repair Resource Page.

Ylian created this based on his class at IDF (Intel Developers Forum). this video is 23 minutes and well worth the time. If you are getting started, looking for a refresher or just want to hear one of the brightest folks talk about AMT, this is your video..

Enjoy..

After a longer wait than I planned here are the key screens that your end users may see if they click on the Icon in the Centrino 2 Platform with Intel vPro Technology. They show the different tabs and the difference between Unprovisioned & Provisioned.

What's next.. Testing them in the lab and sharing those video's out.. stay tuned for more.

NOTE: If you have not read parts 1 through 5, please read these before reading this part as this is a continuation of the story begun in the previous sections. http://juice.altiris.com/book/4687/altiris-and-intel-vpro-use-cases

The Might Modern Marketing IT team has just seen two suspected competitors encroach on the home turf. What can they do in light of this brazen intrusion? Can Altiris and Intel's vPro help them gain the upper hand when the opposition brings the fight to the very top? In this part of the story we'll learn the final outcome of their major competitor's struggle to gain the majority share of the market through fierce competition and unscrupulous IT sabotage.

Mighty Modern Marketing HQ - Boston, Massachusetts

"Bobby!" Jessica Langley whispered loudly. Or, more accurately, she said loudly to just pierce the cacophony of fans filling the server room. She turned the corner and saw Bobby perched at his desk. His hands rested on his keyboard, as if posed to begin coding at an instant's notice. He seemed to be looking intently at his monitor.

"Bobby?" she urged, stepping closer. He didn't respond, and as she watched his head tipped forward. He jerked, a loud snort escaping his nose. He glanced around, blinking bleary eyes, before his eyelids seemed to close of their own volition. He settled back into his chair, hands still poised.

Jessica tapped him on the shoulder. He didn't respond. She tapped harder, and he shrugged, but his eyes remained closed. She shook the back of his chair, and he jumped, hand flailing out to grab the sides of his desk. He whirled around, staring at her with wide, reddened eyes.

"Jessica!" he said, blinking rapidly. "Something wrong?"

She folded her arms. "Yes, something's wrong," she responded tersely. "We're under attack."

He wiped at his face with his long-fingered hands. "A virus?"

"No, something a bit more direct. I saw that ninja guy again, and some smooth-slick character with him. He might be Jake, the New Nifty Network CEO."

"The ninja? The guy I thumped with the laptop??"

"Yes."

Bobby looked at her wide-eyed. His eyes darted about, and he finally picked up a power strip, gripping the plug and cord. He twirled a few times, and Jessica backed away.

"What are you doing?" she demanded.

"I need something in case he comes after me for revenge!"

"Is that supposed to be a ball and chain?"

He glanced down at the strip, the empty black slots seeming to stare back up at him forlornly.

"Yes. No. Maybe... I don't know!"

She reached out and took it from him. "Tevita's following them, but we need to lock things down."

Bobby rubbed his hands together, his expression tightening a little. "I always have things locked down," he said. "You're insulting my..."

"No time for that. Lock up all the servers, and backup all databases right now. If possible bring non essential applications down until we get these guys out of here. And call security."

Bobby nodded. "There's a ton of locks. Can you help while I call?"

As Jessica set locks on the server's chassis and covers, she watched the door leading into the server room. She couldn't seem to keep her eyes away from it, half expecting one of the suspects to barge in waving a bat around and demanding their most sensitive data. Halfway through the process Bobby gave her a large key ring full of small metal keys with short-stubby teeth.

"Go check the server racks and lock any covers that are open with those," he instructed.

She stared at him. "There are a hundred keys here, and none of them are labeled!"

"I know. I keep meaning to get around to label them, but... well... how fun would that be?"

"Yeah, how fun?" she mumbled as she headed around the corner. She started down the row, checking the front of the cases. She made it almost halfway around before she found one that opened. She looked down at the mass of keys and sighed.

She only had inserted about thirty keys, all without budging the lock, when her mobile phone rang. She quickly fished it out of her jacket pocket, glancing at the number before putting it to her ear as she pushed the answer button.

"Tevita?" she prompted.

"Jessica! They're up here on the executive level!" he said in a loud whisper, and she had to press her phone hard against her ear to hear.

"Bobby called security..."

"These guys are really delivering packages as if they're legit, but that taller guy, the slick one, keeps looking around as if expecting to see something."

"Why don't you go tell Mr. Johnson? I think that's Jake Wells."

"That's a good idea. I'll call back if I need anything..."

"Just be careful..." she started to say when the line dropped. She locked the keypad and slipped the phone back in her pocket. She stared down at the keys on her other hand, and finally decided she had better things she could do. She walked quickly to Bobby's office. He started intently at his screen, his fingers flying over the keyboard so fast they seemed to blur in her vision. She placed the key ring on his desk and he looked up.

"The first half of them are secure," she said, not mentioned she hadn't needed the keys for any of those.

"That was fast..."

"I got a call from Tevita. I think I need to secure some of the more vital PCs in the office, here. Did you ever finish those network filters I asked for?"

Bobby nodded. "I did. I still need to test the last one..."

"But the accounting and executive filters are ready?"

He nodded again. "Yes. I'll email them to you now. It wasn't easy, what with the limitation on how many filters I can apply, but I weeded out the nonessentials. Instant Messenger won't work, nor will standard Internet Explorer stuff, but all the applications the two groups will use respectively are available."

"Email?"

"I think so... it's not reliable..."

She shrugged. "Better than nothing. Thanks!"

She hurried out the door. Her eyes looked around the office as she walked tensely back towards her desk. She expected to see signs of stress or something, but everyone acted normally. Several even said hi, and she managed to smile back, though the smile felt stiff on her face. Why couldn't she have a normal IT job where emergencies consisted of no coffee in the break room, or typical, non-intentional application crashes? Couldn't someone simply forget their domain password for the highlight of the day? That kind of stress she could handle without her stomach tying itself into knots.

She sat down as a new email came in from Bobby. She opened the email, and downloaded the attachments to a share on the Notification Server. She quickly initiated a Remote Desktop to the Notification Server. When she clicked connect, she received a message indicating the max number of session had been reached. She stared at the screen.

"No way," she muttered as she jumped to her feet. She hurried over to Tevita's desk, but he'd locked all his systems. Definitely wise, but If he had sessions open she'd be unable to close them. She hurried back and launched the Altiris Console on her own desktop. She'd wanted to add the filters in the right places on the drive of the server, but it wasn't necessary. The console came up, and she browsed through Manage, clicked on Jobs, browsed through Tasks and Jobs, Server Tasks, Real-Time System Manager, and clicked on Network Filtering Task.

Jessica right-clicked on the Task and choose "Clone". She named it "Accounting Network Filtering Task" and clicked OK. The new filtering task appeared, the task configuration loading in the right pane. She clicked the Edit button on the icon bar with the small pencil symbol. Under the section ‘Filter network traffic other than to and from the Notification Server' she changed the radial selection to ‘Import network filtering settings from the custom XML file'. Under the section ‘Location of the file to import from:' she clicked the Browse button. In the subsequent window she browsed to the share she'd copied the custom files Bobby had created and selected the Accounting one. She clicked Open which returned her to the Settings page.

At the bottom of the right-pane she clicked the Apply button. Next, she clicked on the ‘Run Now' button on the icon bar. Within the pop-up window that appeared she set the ‘Run name' field as ‘Accounting Lockdown SOS'. Under the ‘Connection credentials settings' section she clicked on the hyperlink labeled: Runtime Profile. From the list she selected the list of credentials containing her Domain credentials that had full rights to all AMT systems. When she'd committed the changes she then clicked the hyperlink under the Resources heading labeled ‘Select computers'. The Task Server resource selection window appeared.

In the left most pane she expanded the Computer Collections folder and the My Collections folder. Under this section she highlighted the collection labeled: All Accounting Computers. By double-clicking on this collection the picker added it to the right most pane, labeled Selected Items. She clicked OK to add the collection to the Task. On the main Run Task screen she hovered the mouse-pointer over the ‘Run Now' button. She wondered if both words were capitalized to emphasis the finality of the button! She believed the filter would work since she had faith in Bobby's skills, but if something went wrong...

For just a moment she paused, taking her hand off the mouse. Over reacting might save the day if these two interlopers really came with Mighty Modern Marketing's determent in mind, but if she'd jumped to the wrong conclusions she might just create a huge mess for no reason at all.

Another thought, one she'd had previously, surfaced in her mind. If Bobby hadn't verified the filter worked, and it somehow invoked a filter that did NOT give access to the systems via Notification Server, she might just decapitate every single one of the Accounting department's computers with a single click. She shuddered as she imagined Tevita and her running from computer to computer in a desperate effort to manually disengage the network filter using their credentials. There was a reason Bobby tested all the filters he created, and that same reason applied as to why she and Tevita each independently tested them again.

So far Bobby always got it right, at least from the Notification Server aspect. Sometimes the other filter items didn't work properly, but she'd still be able to quickly remove the filter from all the systems. She sat up straighter in her chair, her lips pressed into a firm line, and took hold of the mouse again. With only the briefest of hesitations she slicked the ‘Run Now' button.

She waited a minute, then refreshed the status display. So far so good. She quickly ran through the same procedure, but this time setting the Task to quarantine, this time for the system's own protection, the Executive systems. She paused before running it, then quickly picked up the phone and dialed Mr. Johnson's number.

"Mr. Johnson's office," a young voice greeted.

She paused. She didn't recognize the voice, but didn't attribute it to the two she'd seen. "Uh, yes, this is Jessica Langley down in the IT department. Is Mr. Johnson available?"

"No, ma'am. He's currently in a meeting. Can I take a message?"

"When did he get a secretary?"

She heard a chuckle. "I'm not a secretary, I'm his son, Roger. It's ‘Go to Work With Mom or Dad' day at school. I'd rather be here than school, so... here I am."

"Okay... Can you tell him this is urgent?"

"I would, except he left for the meeting and I don't know where."

She sighed. "Thanks Roger." As she hung up the phone she clicked the ‘Run Now' button.

Leaning back in her seat, she folded her arms, eyes on the Altiris Console. Having applied the filters she did feel a little better, but she still couldn't sit still. She stood and walked to the drinking fountain, trying to think what next she needed to do to ensure whatever their competitors planned didn't cripple the business. Her eyes roved over the immediate area. It seemed everyone moved calmly, with occasional conversations heard above the hum of computers. She fished in her pocket and removed her cell phone, staring at the display as it lighted up. If Tevita was hiding somewhere, calling him might give him away. But surely he'd have placed in phone on vibrate...? She hated not knowing where and what Tevita did, and what the interlopers meant to do.

She found herself facing the stairs. Part of her wanted to run up there and blow the whole thing wide open so that the sheer number of Might Modern Marketing's employees would stop whatever they planned. Of course if it ended up being an innocent visit... she threw that thought aside. They'd shown up looking like delivery guys, and the furtive glances from the "ninja" seemed to proclaim their guilt. She reached up and rubbed at her eyes, trying to decide what to do next.

They'd locked down the servers, taking down nonessential applications, and employed filters against critical systems. She squared her shoulders and entered the stairwell, hurrying up the two flights to the third floor. When she reached the door at the top she stopped, taking out her cell phone again. She dialed Tevita's number and pressed the send button. The phone rang several times before his voicemail started playing. She hung up the phone, fidgeting with it for a few moments before slipping it back into her pocket.

She tried to square her shoulders again, but somehow the thought of heading through the door started her stomach doing flips. She pressed a hand against her middle, trying to physical calm her nerves. It wasn't like these guys were armed... were they? So far the incidents had all been non-violent, but had desperation driven them to take extreme measures? Thinking about her job description, the security and protection for the intellectual property of Might Modern Marketing fell under her job description. These rubes from New Nifty Networks certainly qualified as a threat, but where should she draw the line?

She smiled wryly, decided she didn't like the spineless turn of her thoughts. True, there could be real danger on the floor, but most of the people up here she knew well and trusted. She opened the door and stepped through.

To the left sat the accounting team, most in closed-door offices to help with keeping sensitive data from wandering eyes. She saw one of them exit his office, a frown on his face. She walked towards him, intending to head through towards the executive staff area, when he looked up.

"Hi Jessica," he said, the tight expression on his face easing. "Can you help? I'm having internet problems right now."

"I know," she responded with what she hoped was a firm but friendly smile. "We have a security issue I'm dealing with and we've locked most systems. You should still be able to run the Accounting software... Balance Act. Have you had any problems with it?"

"No... I just... well... do you know when we'll get it back?"

"Hopefully soon. I'll send out a notice when it's back up."

"Okay. Thanks..."

She nodded and continued on her way. She heard him behind her start talking to another of the accountants, and he sounded a little annoyed, but she thought that better than any wrath had the critical application Balance Act gone down. She smiled, hoping someone would try to strip the data from the application and try to send it out, only to find that they couldn't make a connection to anything. She hoped they stewed over it, trying to figure out why the computer wouldn't connect to anywhere despite showing a network connection.

She tried to look casual as she raced towards the executive area. What would she find? By the look of people on the floor, no one had any inkling that two unwanted people prowled the hallways. As she turned the corner, her eyes followed the line of doors, most of them open. The sound of conversations floated out of a few, all sounding normal and unhurried. She noticed that Mr. Johnson's door remained closed. She walked on her tiptoes for a few steps, trying to look down into the cubes opposite the CEO's office. The first two stood empty, while the next two held their normal occupants, none looking more harried than normal.

She reached his door and glanced through the side window set to the left of the door. She noticed a young man sitting at the computer. He slouched back in the office chair, right hand moving around the mouse, his hair spiky and bleached blond. She assumed this was Roger, and moved on. She fished her phone out of her pocket and dialed Tevita gain. For the second time he didn't answer and she reached his voicemail. This time she left a short, terse message asking him to call her, and hung up.

She looked either way down the hall, her stomach slowly turning over. So far everything looked fine, except that Mr. Johnson wasn't at his office and Tevita wouldn't answer his phone. Many possibilities as to why held nothing malicious, and probably nothing amiss had happened. Somehow she couldn't convince her body of that, and found herself walking stiffly down the hall towards the set of conference rooms at the end. She couldn't unlock her knees, as if her joints had seized up. She wrung her hands in a gesture she'd long ago overcome, and forced her arms to swing normally at her side. Even that gesture felt forced, and she shook herself, trying to loosen up her tense muscles.

One of the conference room doors held shut, the other room's doors open and the lights out. Light streamed under the door and through the indoor window of the occupied conference room. She sidled up to it, trying to peer in without showing her face. She caught of glimpse of Tevita, standing against the wall. His normal smiley features pulled down in a frown, his arms folded tightly across his chest. She knew he only folded his arms like that when angry. Not just a little angry, but very angry. She quickly backtracked to approach the door from the other side.

The first person she saw held a sly smile on his face, his slick features seeming to hold confidence to overflowing. He spoke, his mouth quirking at the corner as if he had trouble keeping a secret. He pointed at a laptop plugged into one of the network cables snaking out of the middle of the large oval conference table. It looked like one of their field laptops meant for Sales Engineers or Consultants. She even saw the telltale barcode they stuck on all laptops before shipping them out, but also noted it was vPro capable. She glanced around, but in the dead-end hallway no one paid her any mind. She ducked down and put her ear against the door, trying to hear inside.

"...really think you're as spineless as that, old man." The voice reminded Jessica of a new car salesman who knew he could really sell cars.

Mr. Johnson's voice sounded as measured and confident as always. "You know that's not true, Jake."

"I do have to give you credit, Mr. Unflappable. You act like you aren't phased, but I've seen your employees run around like chickens with their heads cut off from time to time. I was hoping to reach an agreement today, to avoid future... incidents."

"We're not afraid of you," Tevita said hotly, the words loud enough to cause her to flinch.

She could just imagine Mr. Johnson holding up a placating hand to Tevita. "Why do we need an agreement? You've seen the projected numbers, I assume. You've done no real harm."

"Oh? You seem to forget I have access to your network, as this laptop proves. I know everything, including pending projects, budget allotment, fiscal year targets, and actual revenue both real and pending."

"You love the threat," Mr. Johnson said, a hint of mocking in his tone. "Did you think I'd be impressed that you'd have the gall to walk in here and make ludicrous demands?"

"You'll notice that security hasn't stopped me yet. If you need proof, let me show you..."

Jessica glanced through the window, her eyes trying to focus on the number printed below the barcode. If she knew which machine this was, she might be able to control it. She quickly pulled out her cell phone and punched in the number. She then quickly retreated, heading back quickly towards the stairs. She scampered down them, only to almost fall as the heel on her left shoe broke off. She skidded down the last few steps, barely catching the rail to stop a certain face plant. She quickly slipped both shoes off, hurrying down to the first floor.

She reached her cube, glad she'd left the Altiris Console up. She used the barcode in Asset Management to find the name of the system. She browsed in the console under View, Solutions, Real-Time Console Infrastructure, Tools, and clicked on the Manage node. She quickly typed in the name and clicked OK. A window appeared, giving her the RTSM interface. A grim smile slipped on her lips as the tree loaded, giving her all of the Real-Time System Manager functionality. In the left-hand pane she browsed down into Real-Time Consoles, Real-Time System Manager, Administrative Tasks, and selected Hardware management.

With her hand hovering over the mouse, her mind whirled through the possibilities. With vPro, she had a lot more power. Taking control of the system wouldn't do much since she could only access a non-graphical interface with Serial Over LAN. Anything else she might do would only alert them to what was occurring. She needed to do something fast. She selected to reboot the system, checking the option under Redirection options labeled, Perform boot from: and Display task progress and remotely control computer. She selected to provide a CD image, browsing to a utility for disk formatting. The utility had the ability to quickly write zeroes to the drive. This essentially cleared the hard drive of all data.

It was a good first step, and she initiated the reboot, redirection. She wished she could see the snide smile vanish as the computer abruptly turned off without any warning. She knew the laptops had reasonable boot times, but it seemed to take an eternity to load the utility. She half expected the laptop to be removed from the network, the SOL session dropping, but eventually the utility's interface appeared. She glanced at her watch. It took forty seconds, though she swore it had to be at least five fretful minutes.

She quickly selected the option to wipe the drive, quickly pressing through the double-warning that all data would be lost as quickly as she could. With luck the two dimwits wouldn't realize what was happening until it was too late.

Now what had he said about security? Bobby said he'd called them, so why hadn't anyone responded? She pushed to her feet as she locked her computer, hurrying towards the front desk area. When she reached the front desk she found it unoccupied. A visitor stood at the front of the desk, looking around with a frown and lines creasing his forehead.

"It's about time," the man said, visibly trying to smooth his expression. "I have an interview and need a temp badge."

Jessica shook her head. "Sorry, I'm not with security," she said hurriedly as she picked up the phone.

"If you're an employee, you can escort me," he said with the words forceful. She paused, looking him over quickly. He carried a thin folder under his left arm, with his arms held closely to his sides, his legs shoulder-length apart. His dark eyes watched her far too intently, hardly a blink to disrupt his scrutiny. Despite his oversized short, she could see the honed muscles tensed underneath.

She swallowed the lump that formed in her throat. If she hadn't failed Drama in high school she wouldn't be as worried as she tried to smooth her expression.

"It's against policy," she said, grateful the words came out firmly. "Without a badge... I'm sure security will return shortly."

The man's lips thinned. "You don't understand..."

She dialed the phone as if she wasn't two millimeters away from bolting back into the secured section of the building. The wide desk might give her enough lead time to get through before this suspicious man grabbed her. If he chased her, would she try to force the door closed behind her, or simply start screaming? Her face felt cold, but she still found the whole situation absurdly funny.

Bobby answered his phone. "What, IM broken again?"

"Hi, this is Jess. I came up to talk to the front desk folk, but nobody's here. Can you page them?"

The man standing in front of the desk scowled. "Look, I can't wait any longer..."

"Really? I called and told them the situation."

"I know. I need to take care of the power problem to the servers we discussed earlier, and need someone from facilities here, now. Can you try again?"

"Power...? Oh. I see. I'll get right on it."

"Thanks."

She hung up the phone. She contemplated calling the police, but she wondered if the two stooges upstairs had actually broken any laws. If they hadn't, what would the police think? She knew something had to be illegal, but did police get involved in this kind of thing? She continued to watch the man carefully. He stood stiff, visibly trying to keep his face smooth.

"Sorry," she said. "I can't help you, but someone should be here soon."

"That might be too late," the man said, throwing his free hand up into the air, almost dropping the folder with the other. "I'm supposed to do sneaky about this, but it's been too long. I'm Detective Cassidy from the Boston Police Department and believe some criminal activity is being conducted in this facility."

He reached back into his pocket and produced a wallet. He flipped it open, revealing a gleaming badge.

She stared at him, mouth open for a moment. "You're with the police?" she managed to say.

"Yes, now get me into that building unless you want to be held culpable as well!"

"Culpable? No, by all means! Please, come in."

She walked over to the main door, pulling her badge up to the magnetic reader. Her heart hammered in her chest, relief flowing through her limbs until she felt almost weak. She held the door open for the detective. He walked in, eyeing her suspiciously.

"I'm Jessica Langley," she offered. "I'm on the IT staff."

"Jessica... I'm surprised you'd offer your name so freely," he said, eyes moving over the collection of cubes.

"Why? Whatever you've heard, you'll see the truth soon enough."

"The truth, eh?" he said with a hint of a dry smile. "Okay. Lead on."

They quickly headed up the stairs, through the marketing section, past the executive offices, to finally reach the one closed door in the conference area.

"That guy there, Jake Wells I believe is his name, is the CEO of New Nifty Networks."

Cassidy peered in.

"Fix it!" Jake demanded with his face an unhealthy shade of red. The "ninja", still sporting his delivery guy outfit, fussed with the computer.

"It's dead..." he said. "Somehow I can't boot to the hard drive."

Mr. Johnson sighed. "Are we done here? I have a business to run."

"No!" Jake exclaimed. "I don't know how you did it, but this isn't the only laptop of yours I have, of course. I can access everything, even your accounting software..."

Cassidy stepped back, fingering his chin. "Well. This is certainly odd. But a few unanswered facts are now coming into focus."

Jessica gestured towards the door. "So you came here thinking we're doing something illegal?"

"No, according to the evidence presented to us, you were doing illegal stuff. This all but confirms the counter-theory that Jake Wells, a well-known business criminal, was in fact setting you guys up. Alright, don't tell him I came here as I need to get the right evidence in place before arresting him..."

"What if he gets violent?" Jessica asked as Detective Cassidy began hurrying away.

"Violent? Not likely, but if so, I'll have an officer waiting outside the building. Now if you'll excuse me..."

The man practically ran away, hurrying down the stairs. Jessica watched him disappear, and then heard the door behind her open. She turned around to face Jake Wells.

"Hello," Jake said with his broad smile just a little strained.

"Uh, hi," she responded, stepping to the side. She half-expected him to see right through her wary expression, but he simply walked on past, his cohort the ninja following behind, carrying the now defective laptop behind him.

Later Tevita, Jessica, Bobby, Edgar, and Daniel the CSO sat in Mr. Johnson's office. The CEO smiled, a look of relief cracking his normally stoic demeanor.

"Perfect," he said, standing up to offer his hand to Jessica. She blushed furiously as she rose and accepted the hand shake.

"Was nothing," she mumbled.

"Nonsense. You not only stole his thunder, that which he enjoys the most, but you unmasked his entire operation to the police. His sly and underhanded method to use the police to clear out our own security in his plans was ingenious, I must admit, but it certainly backfired. Bobby. Thank you for digging through the servers to find which stolen laptops made the illicit connections to our network to fudge our accounting procedures. Tevita. Well done identifying and cutting off access for those computers and those accounts on them. By removing that potential threat we've finished securing ourselves against any current threat, and with Jake Wells back under the watchful eye of the police, we will likely have a good respite."

"You're welcome," several said at the same time.

He smiled again. "Take the rest of the day off. Expect a bonus soon for all your troubles, but most of all, I'm letting half of you take next week off, and the other half the following week, and you won't have to use your accrued vacation days."

Jessica smiled. Vacation. She hadn't been able to think about it for months now with the ongoing threat, and the idea almost put her to sleep on the spot. She yawned, then offered a nod of thanks.

She didn't really believe things would suddenly become easy as sliding across a newly iced hockey rink, but surely things couldn't be as bad as they'd been?

As she traveled home on the early metro commuter train, a thought struck her hard. She'd said to Tevita that things should be easier. Knowing fate, and her own unlucky streak, she'd just opened herself up to an even harder, scarier situation; one that would probably arise on the first day of her vacation. She considered throwing her mobile phone out the window, but as she raised her arm she stopped. That would be drastic; besides, fate wasn't really against her, was it? And if it was, wouldn't the arsenal provided by Intel's vPro, Altiris Manageability Platform, and tighter security policies stop it?

She didn't throw the phone out the window, but she did turn it off, vowing to turn it back on only when Sunday arrived before she was to return.

The End of Part 6

This concludes this story arc. I hope you enjoyed reading as much as I enjoyed writing this. I hope also that some of the value of vPro has been properly communicated through this story, highlighting some of the features that could be used in a security situation.

Last week I had an opportunity to drive with Todd Christ, one of the first folks to join the vPro Expert Center. He has since moved on to servers & working on Data Center space - check his blog. Dialing in your Datacenter - using Intel Dynamic Power Datacenter Manager

Good news is he's still blogging..

SCS 5.0 is the latest version of the Intel Setup and Configuration Service. This new version boasts a number of fundamental and exciting additions to the world of vPro:

1. You can enjoy the benefits of Active Directory Integration without the need to extend the Active Directory Schema!

2. You can use Windows Authentication to communicate with the SCS Database

3. The SCS Console version 5.0 has a much nicer and professional looking user interface

4. The performance, stability and logging capabilities of the application have notably improved

5. You have the ability to dynamically create collectoins of AMT Systems based on different filter conditions

6. This is still early days for AMT Firmware versions 4 and 5 and the use of CIRA (Client Initiated Remote Access) and MPS (Management Presence Server) but it supports them

Note: If you are using SMS as your Management Software you will need to use the Intel (R) Client Manageability Addon version 5.0 which is available for download from the following url: http://downloadcenter.intel.com/Filter_Results.aspx?strOSs=All&strTypes=All&ProductID=2609&lang=eng&OSFullName=All%20Operating%20Systems

To emphasize the point - you will not be able to use SMS Addon version 3.3 with SCS 5.0. SCS version 5.0 will be bundled already for you with the Addon version 5.0.

Some potentially useful technical insights that I have gathered through my experience of being an early adopter of SCS 5.0 through trying to deploy it at a large-scale enterprise customer:

1. If you opt for having windows authentication (as opposed to the dummy SQL account which was part of the design up until SCS 3.3) you will need to opt for the custom installation path. In there you will be prompted to specify twice the user for running the AMTSCS and AMTSCS_RCFG virtual directories in IIS. You will need to specify the same username and password of the accounts that are running your IIS services where your SCS is being installed. Pay attention to this step - if you specify any user other than the user that is running the IIS services: this could a local account for example and not a domain account, then you will not be able to log into SCS via the SCS console.

2. When you opt for the windows authentication to DB you wil not be able to use the default website on IIS. If you are creating a new website and you are going to opt for https connection, make sure your new website is setup with the server ssl certificate. You will also need to remember to stop the default website and have your new website running.

3. You will need to remember to delegate permissions to the account that is running the SCS service on the AD OU for AMT objects, but this time it will be for objects of type 'Computer Objects'. There will not be a conflict with the Host OS level computer objects as these AMT Computer Objects are seen as user objects.

4. You have the option to create the DB separately using an SQL Standalone DB script (i.e. not as part of the install wizard) however even if you are opting for windows authentication to your SCS DB, you can achieve this by only running the wizard (the custom install path). If you have created the DB prior to SCS install, you can point the SCS service to this DB instance during the install wizard.

5. A general point to note that would apply to any provisioning with SCS (not just SCS 5.0) - when you are creating a profile

6. Another point to mention is that the profile ID number is not fully deterministic if you don't run through the config of a new profile without pressing cancel at any point. For example, if you have the default profile as profile ID #1 then when you try and create an additional profile and at some point click cancel and then try and create a new profile it can eventually have a profile ID of #5 for example. This can start becoming a problem if you rely on the profile ID number as part of your provisioning process using the Activator Utility for example, as you can only pass the profile ID as far as the SCS API is concerned, yet if you've hardcoded the profile ID in some file on the vPro client where your Activator Utility will run then you cannot know for sure until your profile has been created in SCS what its profile ID will be. If you are editing an existing profile, its ID number won't change. You also cannot go into the DB and change that value manually as it is a primary key and is auto generated as part of an indexing mechanism in the SCS code. - this one might be a bit tricky, so contact me if you need me to clarify.

7. I don't know whether you've noticed any sluggishness in the past when trying to install 3.x versions of SCS - for example with one of my large customers it would take 1.5 hours to install SCS because of looking up users in a rather large Active Directory; whereas with SCS 5.0 it takes 5 minutes at most.

8. Whilst I haven't taken advantage of the capability to create collectoins of AMT systems I wanted to point out one of the main benefits of this feature. I have been faced in the past with situations where I need to perform an operation through SCS on many machines, but not all machines. Therefore the global operations in SCS 3.x versions only gave me the possibility of running the command on a single or all machines. Now I can tailor which machines I want to perform operations on.

My overall recommendation to you is to give SCS 5.0 a go. It is easily the best SCS version that has been released. I have blogged about it as part of my first hand experiences - I have had nothing to do with its development and I am speaking out of the objective view of a user. Hope you find this useful.

Ta