Home > Intel Communities > Open Port IT Community > Intel® vPro™ Expert Center > Blog > 2009 > September
Up to Blog Posts in Intel® vPro™ Expert Center
Previous Next

Intel vPro Expert Center Blog

September 2009
Terry Cutler
1

In recent weeks, I've received a number of questions about Dell Client Manager 3.0 ability to configure Intel vPro technology.

 

I have not had the opportunity to review the latest official documentation from Symantec\Altiris or Dell on how to configure Intel vPro technology. 

 

Therefore, this blog provides my perspective and approach.  As I'm working with Altiris 7 and vPro on an almost daily basis, authoring a complete set of new documentation has not been accomodating to present schedules, tasks, etc.

 

 

I ask for your patience and understanding.   This is by no means the final and complete answer - it's a "best effort"

 

 

A few key points to keep in mind. 

So - you've started to deploy Intel vPro systems from Dell and are using their Dell client manager. 

 

Altiris 7 requires SCS 5.x to configure vPro.   If vPro is already configured - it's just a matter of enabling OOB Discovery and configuring the Pluggable Protocol Architecture (PPA).. see blip.tv video referenced above.

On the Dell Client Manager, check to see if the following fileshare exists – “\\localhost\nscap\bin\x86\Out of Band Management\IntelSCS”
If so – within that directory, find AMTconfserver.exe.   This is the Intel SCS service installation.   File should be version 5.0.2.4
On the Dell Client Manager, check for “c:\Altiris OOB Configuration” directory.  If present, you should see two files – Interop.AeXClient.dll and OOBProv.exe.
The preferred approach is to install Intel SCS via the Altiris (or Dell Client Manager) interface... but sometimes that scripted install fails without direct indication as to what happened.   Although a little advanced, it may be best to directly install the Intel SCS... which is the configuration service for Intel vPro technology.

Two key challenges I’ve seen in directly installing AMTconfserver.exe is that the webdirectories (AMTSCS and AMTSCS_RCFG) need to be set to no TLS and the the integration to SCS via the OOBprov.exe is not done.   The TLS settings are handled via the advanced installation options.   The OOBprov.exe is the configuration script which checks the Symantec\Altiris database against the IntelAMT database for new records, matching UUID\FQDN, recent vPro configuration events, and so forth.

As to what configuration script will be used, this setting is made in the IntelAMT database.   My preference is to use the SCS console to adjust the setting.   SCS console is available with the full download at http://software.intel.com/en-us/articles/download-the-latest-version-of-intel-amt-setup-and-configuration-service-scs/... The other good item here is the updated version of SCS 5.x  (presently SCS 5.2.0.34B)

So that's the brief summary. 

 

As stated previously - my intent was not to provide a complete answer, yet to provide a brief insight and references.

Interested to hear from the community.   Did this help?  More information needed?

1 Comments Permalink Tags: vpro, provisioning, configuration, dell
Michele Gartner
0

Here are some photo highlights from the Intel Anti-Theft Technology session at IDF. You can download the presentation at http://www.intel.com/go/idfsessions. Click on the thumbnails to see fullsize pictures.

 

IDF: Anti-Theft Technology session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

 

IDF: Anti-Theft Technology Session on Twitpic

0 Comments Permalink Tags: absolute, pgp, phoenix, intel_at, idf09
Terry Cutler
2

During IDF2009, there were a few demonstrations on the upcoming embedded KVM (Keyboard, Video, Mouse) in the Intel vPro technology platform.

 

Here's a sneak peek of the technology.   One system shown - one screen is the embedded KVM, the other screen is a more than $150/port enterprise KVM solution.   Can you tell which is which?

 

 

 

More will be coming about the technology, how it works, how to configure, when it will be available, etc, etc.   For now - here is the teaser.

2 Comments Permalink Tags: vpro, kvm
Terry Cutler
2

After working with Intel vPro technology for over 3 years - I still get surprised by little features that appear in the product.   Some features might not sound too interesting at first, but upon seeing how these are used my opinion changes.

 

One such features is the "PC Alarm Clock" capability in AMT 5, with software development support in the Intel AMT SDK 5.1.

 

An overview of this features is explained at http://communities.intel.com/docs/DOC-3483.... why that article is posted in the Server Room area of Open Port I do not know.

 

I was at IDF2009 this week and had a chance to visit the McAfee showcase booth.  What I saw was very impressive.   PC Alarm Clock provides a uniform "wake-up" at a defined time with an indication of what caused the power-on.   Was the system powered on because of a user hitting the power button or did the PC Alarm clock trigger the event?   Before visiting the McAfee booth, my first thought was "hey - that can be done via a system BIOS".   Well - I got some education.

 

Not all OEM BIOS setups support a timed wake-up.   If they do - having a uniform access to configure\control across OEMs would require disparate tools.   Plus - having a mechanism for an agent to know whether the system was powered due to user local to system or scheduled time is helpful.  Plus - an Intel AMT power-on event to a collection of systems is possible IF those systems are connected and IF you are okay with a unicast message to each system thus having a potential delay from first system to last system that powers on.  Plus - with PC Alarm Clock within Intel AMT - the time is synchronized.  Etc, etc

 

So here's the situation.   To avoid disrupting work hours with anti-virus scans or other maintenance routines... what if the system were scheduled to power-on at 3am to perform these tasks.   If powered on via PC Alarm clock, what McAfee agent will do is sense this and know that it's time to run a scan, and so forth.   At the conclusion of the scan, the McAfee setup will gracefully shutdown the system.   Thus - all assigned systems get a set time to power-on... and at that set time, all systems power-up, check to ensure it was a scheduled power-on, run the scan, and then return to an off start gracefully.

 

Ok - to some that might seem too simple to really matter.   But to me, after working with various management solutions and Intel vPro technology - that's a better cool approach.   It's a difference of push vs. pull... and when you're talking about hundreds or thousands of systems being orchestrated to perform an event... that little feature called "PC Alarm Clock" in the right hands such as McAfee... it's pretty cool

 

What do you think?

2 Comments Permalink Tags: vpro
Josh Hilliker
0

0 Comments Permalink Tags: trevor_sullivan, vpro_expert_center
Josh Hilliker
0

Enjoy this shout out..

0 Comments Permalink Tags: vprobooth, trevor_sullivan, michele_gartner, idf09
Josh Hilliker
1

Abdul kicks us off with the core message - SMB is important, Talking about SMB, MSP & Mesh.

 

SANY0112.JPG

 

SANY0116.JPG

SANY0118.JPG

 

Teri McFaul - Talking about MSP’s and her work w/ the SP’s.   3 major IT service task SP’s perform area:  HW maintenance tasks, sw/anti-virus updates, hwupdates/remediation.

SANY0120.JPG

 

2 Options for provisioning for Service Providers

#1.   Manually Provision in SMB Site

go to SMB Talk

#2.  Pre-Provision before shipping to SMB

 

 

 

Now onto Ylian talking about two innovative concept ideas:

*Use IDE-r on the internet

*using Intel AMt in a mesh configuration

SANY0121.JPG

 

Teaser - Booting a minimal Linux* kernel

* use 2Mg disk image to boot a small kernel

* create a beach front: serial, disk and network

* User serial for control, disk for caching, network to download more tools

 

He will show how to build a linux kernel.

 

Mesh time

- Provisioning intel AMT in a mesh.

 

This was by far the best session for IDF for vPro that I was in.      I will put a link here to the material as soon as possible.   

1 Comments Permalink Tags: idf09, vpro_expert_center, smb, ylian_saint-hilaire, teri_mcfaul, it_director, abdul_bailey
Michele Gartner
0
  • Client virtualization enables IT and end-user value
  • Optima3 l balance with Dynamic Virtual Clients
  • DVC with vPro technology for secure manageability, trusted execution, and robust virtualization
  • Virtualization drives new hardware requirements

 

 

 

The right balance of Dynamic Virtual Clients #idf09 on Twitpic

 

 

 

John Vicente defines virtualization at #IDF09 on Twitpic

 

 

 

More from John Vicente in the vPro/DVC class: Direct I/O assi... on Twitpic

 

 

 

More from DVC/Intel vPro class: Secure Virtualization - Intel... on Twitpic

 

Share photos on twitter with Twitpic

0 Comments Permalink Tags: idf09, vpro, dvc
Michele Gartner
0

Click the thumbnails to see more detail. To download the presentation, visit http://www.intel.com/go/idfsessions.

 

Roadmap - Intel vPro Technology

 

2010 vpro technology #vPEC #IDF09 - Here's the real deal for ... on Twitpic

 

KVM remote control

 

Visual remote access - adds another layer on top of things like CIRA.

 

Architecture overview - remote management console makes secure connection to machine- Yasser shows how chipset/graphics communications to the remote machine.

 

KVM Architecture Overview #idf09 #vpec on Twitpic

 

Out of Office Connectivity

 

Fast call for help and remote pc assist technology

 

Remote pc assist - for end users who don't have corporate IT - small businesses, home users

 

Wireless without running OS - works both in band or out of band

 

Out of Office Connectivity - fast call for help & remote pc a... on Twitpic

 

Remote Encryption Management

Supports software full disk encryption, TCG OPAL, and Seagate DriveTrust.

 

Remote Encryption Management on Twitpic

0 Comments Permalink Tags: vpro, remote_encryption, kvm, idf09, fast_call_for_help
Josh Hilliker
0

Here's a good showcase from Paul on vPro and the new features, including anti-theft.   Also what is very cool is the example of a MID in the enterprise that can kick off the kill pill for a stolen laptop.

 

 

 

 

More to come in the classes and highlights from the team.  Stay Tuned for more.    I'll also put on a higher res version post IDF. 

0 Comments Permalink Tags: paul, vpro_expert_center, idf09, idf2009
Josh Hilliker
0

IDF - Getting Started

Posted by Josh Hilliker Sep 22, 2009

As the Journey begins @ IDF I have an opportunity to talk with the vPro team to hear more about what they have been working on.   This includes a quick preview of Paul's key note.   

 

Let's start with Brian, Matt & Dan. 

 

 

Then onto Matt Royer talking about Paul's keynote.

 

 

Keep checking back for more video's over the next 3 day's..

0 Comments Permalink Tags: idf09, idf2009
Josh Hilliker
0

PROS001 Technical Overview of Next Generation Intel® vPro™ Technology
PROS002 Increasing Client Manageability with Intel® vPro™ Technology and Microsoft* System Center Configuration Manager 2007
PROS003 Client Virtualization and Intel® vPro™ Technology
PROS004 Small and Medium Business: How to Deliver Intel® vPro™ Technology
PROS005 Thieves Beware: Intel® Powered Notebooks Will Turn Into Bricks When Stolen!
PROP001 Interactive Panel on Benefits of Intel® Anti-theft Technology (Intel® AT)
PROP002 Deploying and Managing Intel® vPro™ Technology in Enterprise Environments
PROL001-002 Extreme Programming with Intel® vPro™ Technology: Pushing the Limits with Innovative Software
PROQ001 Intel® vPro™ Technology Deployment Best Practices in Enterprise Environments
Additional info in the Intel® vPro ™ Technology community – Showcase, 1st floor
Book on topic: Active Platform Management Demystified: Unleashing the Power of Intel® vPro™ Technology (Intel Press)

0 Comments Permalink Tags: vpro_expert_center, idf09, vpro
Michele Gartner
0

Hi everyone -

 

If you missed our webinar "Beyond the Firewall: Using Fast Call for Help to Manage PCs with Intel® vPro™ Technology," then you can now watch the recording. The PowerPoint slides are also available; they are attached to this blog posting.

 

Click to view the recording.

0 Comments Permalink Tags: vpro, fast_call_for_help, webinar
Josh Hilliker
0

vPro Tweetup @ IDF

Posted by Josh Hilliker Sep 16, 2009

September 23rd - 4-5PM PST we are going to do a tweetup for vPro, SCCM SP2 & Win7.   I'll post out the hashtag shortly and details so you can join us either @ IDF or online.

 

0 Comments Permalink Tags: idf09, vpro_tweetup, idf
Josh Hilliker
0

In the world of IT, the challenge of defining value is mission important and keeping relevance to your end users is a key aspect of this.  One of the opportunities ahead for IT is the move to Windows 7 and the impact this will have on your end users.    Let's start this discussion around three areas of why you should take notice:

 

 

Microsoft & Intel have been working together to make Windows 7 and our Hardware perform optimally with this new OS

Why does it work better together you ask?  Well.  Better Yet - we'll show you

DVD video - Part I, II & III.

 

 

 

 

Security

 

 

Collaboration

 

 

 

Intel Architecture is best of breed with Centrino2 & Core2 you have the best for energy efficiency, security, productivity ( the list goes on ). 

Intel Architecture simply rocks

  • Get the best overall performance with Intel® Core™2 Duo processor you'll get an arsenal of performance-rich technologies, including up to 6MB of shared L2 cache and up to 1333 MHz Front Side Bus.
  • Enjoy 3X faster multitasking performance with multi-core processing combines two independent processor cores in one physical package.¹ Processors run at the same frequency and share up to 6MB of L2 cache and up to 1333 MHZ Front Side Bus for truly parallel computing with over.
  • Improve execution time and energy efficiency with more instructions per clock cycle enabled by Intel® Wide Dynamic Execution.
  • Get smarter, more energy-efficient performance enabled by Intel® Intelligent Power Capability.
  • Improve system performance enabled by Intel® Smart Memory Access, optimizing the use of the available data bandwidth.
  • Get higher-performance, more efficient cache subsystem enabled by Intel® Advanced Smart Cache, optimized for multi-core and dual-core processors.
  • Accelerate a broad range of applications, , including video, speech and image, photo processing, encryption, financial, engineering and scientific applications, enabled by Intel® Advanced Digital Media Boost.

    •  

    With Intel vPro Technology it's easier to get this new OS loaded or to bring your IT shop to a new playing field for IT support.

    vPro who?  If you haven't heard of vPro yet, here's 4 intersection points with Windows 7 that make's it easier to deploy & manage.

     

     

     

    So what?

    Well it's optimized to work better together, our latest IA is better for your business and vPro just makes it all happen. 

     

    Don’t' forget we have a windows 7 wiki - http://communities.intel.com/docs/DOC-3096

    0 Comments Permalink Tags: openportpromo, josh_hilliker, win7, windows7, windows_7
    Josh Hilliker
    0
    Anand Pashupathy (left) and Mojtaba Mirashrafi developed an idea for an anti-theft service for laptops into a shipped product in just 12 months.

    antitheftdudes.jpg

    Great article about their startup and a little about Mr. USB.

     

    http://www.oregonbusiness.com/articles/69-september-2009/2159-on-the-edge

    0 Comments Permalink Tags: anti-theft, anti_theft
    Josh Hilliker
    0

    Great video - Compucom, provider of IT solutions to Fortune 1000 companies, describes how Intel innovation has taken Compucoms business to another level. Compucom Vice President Thomas Vetterani describes how Compucom customers who have deployed PCs with Intel® vPro™ technology lower support costs, improve user uptime, experience faster patch management, and have the building blocks for more-secure, remotely-managed client virtualization.

    0 Comments Permalink Tags: compucom
    Michele Gartner
    0

    Beyond the Firewall: Using Fast Call for Help to Manage PCs with Intel vPro technology

    Wednesday, September 16, 2009

    8:00 AM - 9:30 AM PDT

     

    This webinar  introduces Intel vPro Technology's 'Fast Call For Help' (FCFH) capability, which allows you to manage your systems that are outside your firewall. Intel and Checkpoint will demonstrate how you can run Asset Discovery, Remote Power Management and Remote Diagnostic and Repair, even when the systems are outside your firewall.

     

    Register here: https://www2.gotomeeting.com/register/314239651

    0 Comments Permalink Tags: checkpoint, webinar, fast_call_for_help, vpro
    richardmedugno
    2

    1) It’s a major headache to replace the content;
    2) It’s costly to replace the laptop;
    3) It invites the misuse of the sensitive data files you have stored on it;
    4) It opens the door to the potentially bigger problems of data loss and identity theft.

     

    Unfortunately, it’s a growing reality for hundreds of thousands of consumers, as between 600,000 and 1.5 million laptops are stolen or lost each year in the U.S. alone. Clearly, it’s foolish for business and consumers to ignore this increasing threat and not have computer security software and anti-theft products, with the idea that it only happens to other people.
    I recalled from this past spring that Intel and Ponemon Institute released a study about the cost to businesses of a lost or stolen laptop:

     

    "A recent study commissioned by Intel and conducted by the Ponemon Institute shows that a lost or stolen laptop is worth far more than just the hardware. When everything is taken into account, such losses cost a company as much as $115,000 and an average of $49,000.

     

    The study analyzed 138 cases of lost and stolen notebooks. The average cost of $49,246 was based on costs associated with much more than just hardware and software replacement: detection and escalation, forensics and investigation, data breach, lost intellectual property, lost productivity, and other legal or regulatory costs. The study notes that the highest cost components are data breach and intellectual property loss..."

     

    Wondering how much costs could be reduced if lost or stolen laptops had a security product like Phoenix Technologies' FailSafe™ [http://www.failsafe.com] - a theft-deterrence product that helps "protect, track, and manage lost or stolen laptops" using a BIOS embedded, tamper-resistant tracking agent.
    2 Comments Permalink Tags: data, loss, identity, theft, security, anti-theft, failsafe
    Michele Gartner
    1

    If you were unable to attend our latest webinar, "Enhancing the Symantec Management Platform (Altiris) with Intel® vPro™ Technology," then you can now view it online. In addition, you can download the PowerPoint slides; you'll find them as an attachment to this posting.

    Watch the Webinar

    Click to view the webinar.

    Additional Resources

    In addition to all of this great info, Terry has provided additional resources to help you get up to speed quickly:

     

    1 Comments Permalink Tags: webinar, altiris_console, symantec, vpro
    Josh Hilliker
    0

    Mauricio Cuervo personal invite to his class.   Please join us in the class to talk with Software providers and Intel about how Intel Anti Theft Technology can assist your business.

     

     

    Here's the 2 specific sessions that Mauricio is discussing.. 

    PROP001 Panel:  Benefits of Intel Anti Theft Technology

    PROP005 Class: - Thieves beware: Intel powered notebook's will turn into bricks when stolen!

     

    I will also be in both sessions, presenting in PROP005.            

    0 Comments Permalink Tags: anti_theft, josh_hilliker, mauricio_cuervo, idf2009
    Tal Elgar
    1

    For those of you out there that are  using the SMS Addon the following might be of interest, if seeing close to 100% success rates is your thing...

     

    If you've been using the SMS Addon together with Microsoft SMS as your vPro enabled management console of choice then you might have experienced less than 100% success rates when you're trying to perform AMT operations on collections of machines. The following details I will be providing have been devised specifically in the context of using the AMT wake-up feature for a Power Management Use Case, however you can extrapolate the essence and apply elsewhere if you're using some of the other features in the SMS Addon...

     

    Ok enough of an introduction.

     

    If you're implementing the power management use case, then before you'll be using the AMT wake-up feature, you'll be putting machines to sleep according to a certain policy you've put together (user initiated, SMS job executed shutdown.exe or some other shutdown scripts). However, you want to be sure that the machines you have put to sleep can be woken up on demand - mandatory advertisement triggered wake-up, scheduled wake-up or console initiated wake-up. Finding out you can't wake some machines up that you've put to sleep is far from being ideal - effectively you're reducing the success rate of your use case and you're putting machines in a state where you're benefiting from power savings, but you've compromised on your ability to get access to that machine from remote.

     

    What might interest you then is a deterministic way to ensure that every machine you put to sleep as part of your power management use case, you can wake up. Well... we've done just that.

    Here is the trick - you create your SMS collection for machines that you want to put to sleep and then wake-up, with a simple SQL statement of:

    ' Select * where iAMTStatus = 1'  - the key here is this field iAMTStatus = 1 which is a return value that confirms the SMS Addon can communicate successfully with the vPro machine. Therefore you now have a deterministic way of knowing that a machine that you've put to sleep can be woken up using SMS Addon and the AMT wake-up feature.

     

    An improvement on that is to run an AMT discovery daily (or some other frequency) to dynamically update the collection based on the ability of the SMS Addon to get to machines successfully. This will cater for if there are any changes in your environment, which there might or might not be. Currently the only way to run an AMT Discovery repeatedly on machines that have already been discovered in the past is to manually right click on a collection in the SMS Console and select AMT Discovery. We might have a more automated way of doing this soon... so watch this space.

     

    Hopefully you find this useful.

     

    - a caveat/disclaimer I should perhaps mention is that his method does not mean you will have 100% success rate for ALL your machines. Undoubtedly you will have some machines that do not have iAMTStatus = 1. Effectively what you're doing here is defining the scope.

    1 Comments Permalink Tags: microsoft_sms, sms_add_on, success_rates, tal_elgar, amt_wake-up, intel_expert, sms, amt_wakeup, power_management, power_management_use_case
    Josh Hilliker
    0

    Here's a great overview of Dynamic Virtual Clients.
    To launch the demo click here!

    0 Comments Permalink

    Popular Blog Posts