Yesterday night I was in the zone and worked practically all night, actually I went home at 2am. People who know how wonderful being "in the zone" is will understand. In any case, I recorded two new tutorial videos and added them to the big tutorial video pack that is available on the Intel AMT DTK page. So, the video pack went from 11 to 13 tutorial videos and from 146 to over 160 megabytes... but it's worth it!

Advanced 3PDS usages video: This is a video I wanted to record for a long time. Ever since the improved 3PDS support in the DTK, I wanted to show off what new cool things can be done with 3PDS. In this video, show how both Intel AMT Commander and Intel AMT Outpost can access 3PDS. The remote vs local access of 3PDS is a little different and takes some getting use to. I show how I can drag & drop a picture into 3PDS and view it on the other side. Both tools have a way to view 3PDS data in HEX, UTF8, picture or web page. Just right click on the data and select the way you want to view it. If your going to demo 3PDS, pictures are the way to go. I also show how I can store WMI data into 3PDS and retrieve it remotely.

Resource Translator video: The Intel AMT DTK includes it's own tool for translating the DTK to other languages. English, Simplified Chinese, Japanese, Korean and some French are already available and I am always looking for people to help translate to new languages or correct existing strings. In talking to Ajay, if you help with DTK translation, we will certainly send some type of gift... or I would personally get a gift from the Intel store to anyone who helps out. Just load the dictionary in the tool, select a language, filter on a tool to translate, work, save often and send the dictionary file to me.

That's it. I asked Ajay who runs this community to add the two new videos for streaming so they should show up on the Intel AMT DTK web page in a few days. Right now, you need to download the big video package to get them.

Ylian (Intel AMT Blog)

I am happy to announce that we just put online a new Intel AMT Developer Tool Kit (DTK) tutorial video pack. It's just a large 146 megabytes ZIP file with 11 tutorial videos recorded using a desktop capture application and two live Intel AMT demonstrations using Intel AMT Commander. This is great news for people who had problems streaming the videos before or who simply wanted to get all the videos in highest possible quality. The tutorial video pack is available on the Intel AMT DTK web page, at the bottom of the page.

Many people ask how I record the tutorial videos. I simply use Microsoft's Windows Media Encoder 9 tool, it's available for free on the Microsoft web site. The best audio quality, I got myself a USB headset with built-in microphone. I just never had good luck with normal microphones that plug into sound cards, and this USB headsetalways works perfectly. I don't usually rehearse much before recording these videos and sometimes I record them late at night. As a result you get a pretty honest look at how I use the Intel AMT DTK myself.

The tutorial video pack includes early videos from the Intel AMT DTK v0.11 days, and much newer videos recorded using a yet unreleased version of the Intel AMT DTK. If you are really lucky and happen to own an Intel AMT 3.0 computer, you will be especially interested in the new heuristic tutorial video and will noticed that Intel AMT Commander's UI has been updated. I will get the latest version online within the next week, it's really cool and much improved.

Ylian (Intel AMT Blog)

It's time for a new release of the Intel AMT Developer Tool Kit. Version v0.45 was released Saturday morning with a bunch more bug fixes and improvements. People ask me what the formal road map for the DTK is and I answer that there is none, its customer driven and I constantly improve many features. Of course, I have my ideas where I am going with this, but I am always looking for suggestions.

Let's look at a few new features in this release:

Intel AMT Commander can now auto-detect and connect to LMS. In the past, only Intel AMT Outpost could connect to the local Intel AMT interface. In this new release, Intel AMT Commander will automatically detect and connect to LMS. So you can direct Commander to connect to "localhost" enter the username and password and it will work. Currently, you can't do much, on AMT 2.5 and higher systems, Intel AMT Commander will display the Intel AMT event log.

Intel AMT Commander re-branding. It's now easier than ever to add branding to Commander, just create a "branding" folder under Intel AMT Commander's executable and put a set of bitmaps in the directory. The default bitmaps will be replaced the next time Commander is run. You can find all the details in the readme.txt file of the DTK. By the way, it's perfectly fine to re-brand and ship Commander or any of the Intel AMT DTK tools. For example: To include with Intel AMT motherboards, etc.

Improves Intel AMT Stack. The Intel AMT stack built in C# on which Intel AMT Commander and the other tools are built on is improving all the time. In this version, I took special care to clean up the "AmtSystem" class. It's the root class for all of the Intel AMT functionality. For a quick sample on how to use the stack, look at the "IAmtCmd" project in the DTK source code.[Intel AMT Developer Tool Kit|http://softwareblogs.intel.com/wordpress/wp-content/uploads/2007/12/intel-amt-dtk-blog-v045.mp3]

Intel AMT Developer Tool Kit v0.45 Audio Blog (.mp3)

Ylian (Intel AMT Blog)

Many months ago when Intel AMT 3.0 computers were still in pre-production, a test group at Intel came over and dropped one of these prototypes in my lab. "Have a good time" the guy said. He smiles and walked away. At the time, my lab was only composed of AMT 1.0 and AMT 2.0 computers and so, I was very excited to get one of the first AMT 3.0 computers, before anyone else outside of INtel. 24 hours later, I had built heuristic filter support in Intel AMT Commander and very quickly, Commander was the leading AMT 3.0 test tool within Intel. Later on, I also built Intel Net Traffic, a small tool to help test heuristic filters.

The heuristic filter feature of AMT 3.0 is an extension of the existing Intel AMT System Defense feature. It's a new and special type of filter that looks only at outgoing packets to see if the computer is attacking other computers. Just to be clear, heuristic filters don't protect the computer from attack; it's built to prevent the computer from attacking others. Using Intel AMT Commander, if you connect to an AMT 3.0 computer, you will see a heuristic folder in the "Network" filter of the computer. You can set the heuristic policy timeouts, what happens when it triggers and if the action is permanent or if after a while, the heuristic filter should be reset.

Testing heuristic filters is straight forward. Run "IntelNetTraffic.exe -advanced" on the AMT 3.0 computer and start a UDP packet sweep on a range of IP addresses. You can sweep at, say, 20 packets per second a given range and if you set the heuristic filter right, it will notice the sweep and block the traffic. One common mistake made when testing heuristic is that if you sweep a set of IP addresses within your own subnet, Microsoft Windows (SP2 or Vista) will block packets from being sent unless the target computer within the subnet responds to ARP requests. Unless you have a subnet with a lot of computers, most IP addresses in that sweep will not answer ARP requests and Microsoft Windows will block the packet, resulting in AMT never seeing that packet and heuristic never triggering. To fix this, just sweep a range of IP addresses located outside your own subnet.

By the way, I designed Intel Net Traffic to also allow testing of rate throttling network filters. This feature is almost never demonstrated, but it's been available since AMT 2.0. You just need to setup two Intel Net Traffic and have one send packets to the other. Then, add and activate an AMT network filter that limits the rate down. You will see the impact on the receiving Net Traffic immediately.

Ylian (Intel AMT Blog)

It's time for one more release of the Intel AMT DTK v0.43. Here are the major changes in this release:

• New Installer. Probably the most visible change is the new installer. The Intel AMT DTK is no longer a self-extract and I am looking for feedback on the installer and it's ease of use. I think users will appreciate that you can selectively install only portions on the DTK that make sense on a given computer (Console, Agent, Switchbox, Utilities).

• New Japanese translation. All of the DTK tools got a new Japanese translation this week thanks for employees from Intel Japan. Intel AMT Defender got it's first translation into a new language, and many of the new features in Intel AMT Commander and Intel AMT Director are now translated to Japanese.

• New Resource Translation Tool. I added the Intel Resource Translation tool in the DTK package. I am looking for people to translate portions of the DTK into other languages and this tool makes it very easy. Just run, load the dictionary, select a language and start translating. You can also select what tool or form you want to translate. When done, send me the dictionary file, my e-mail address is in the readme.txt file or about box and I will make it part of the next release. I also will be giving out prises, I will be figuring something out.

• Console & mouse support. Intel AMT Guardport has a new "CMD" command allowing the administrator to shell to the command prompt and access all of the power of a text mode command prompt. As a bonus, I also added mouse support in the terminal, so you can enter EDIT and move the mouse and click to get into text mode menus.

• New WMI-over-SOL. I started work on performing Windows Management Instrumentation (WMI) queries over Serial-over-LAN. It is early work, but it's looks like a powerful new way of managing and fixing computers remotly.

Download: Intel AMT DTK v0.43 Audio Blog (.mp3)

Ylian (Intel AMT Blog)

Hi everyone. I just released the Intel AMT DTK v0.41 with a few new things ahead of my departure to Taiwan for the Intel Developer Forum . In this new version, I have 3 major new things to report:

• Intel AMT Defender. I added a new tool called Intel AMT Defender. It's like a community supported version of the Intel System Defense Utility (ISDU) but does it's all new source code. It's a nice new UI, the most impressive thing about it is the new System Defense user interface that is live and very cool.

• Added Endpoint Access Control (EAC) support. I don't know much about this feature and certainly did not test it, but looking at the Intel AMT API, I added support for it in Commander. If you make it work, let me know.

• Added WSMAN browser in Intel AMT Outpost. This is very useful to see that WSMAN objects are available on the local Intel AMT interface. As a reminder, what is available locally and remotely is very different.

Intel AMT DTK v0.41 Audio Blog (.mp3)

Ylian (Intel AMT Blog)

In my never ending quest to try to have full coverage of all Intel AMT features in the Intel AMT DTK, I got motivated by two colleges to add 802.1x and Endpoint Access Control (EAC) support to Intel AMT Commander. I am not an expert on these two technologies, but they basically allow the network switch to authenticate a client and decide if it's going to let it connect on the network. This feature is normally supported in the operating system to get access to a corporate network, but when a network makes use of 802.1x to authenticate clients and the OS is down, Intel AMT can't access the network unless it authenticates.

Starting with Intel AMT 2.5 and then 3.0, Intel AMT support 802.1x and EAC and so, can authenticate itself to the network while the OS is down. In large enterprises where security is very important, this is an absolute must have. You never know if someone plugs-in an un-authorized computer on a network drop in some conference room.

I don't have 802.1x or EAC equipment in my lab, but I have attempted to add support for it in the upcoming version of Commander simply by using the SDK's documentation. Luckily, if I can set the state of Intel AMT correctly and also read it back, there is a good chance I am on the right track. If you are trying to use these features now with a SOAP tool, it's a real pain, so, having a nicer and friendlier UI is very important. I started coding this last week and realized quickly, I also needed to support the new certificate storage interfaces available in AMT 2.5 and above, so I added support for that too.

In any case, all of this is coming up in version v0.40 of the Intel AMT DTK that I should be releasing very soon. Since I have no such network, I am counting on community members to try these new features out and give me feedback on things I should change or improve.

Ylian (Intel AMT Blog)

We just released the Intel AMT Developer Tool Kit (DTK) v0.39 on the public web site with source code a few minutes ago. In this release we have many more bug fixes but also, initial work on WS-MAN support in Intel AMT Commander. In relation for WS-MAN, the most interesting new feature is a WS-MAN browser that takes all of the WSMAN objects in the Intel AMT SDK and turns them into objects that can be enumerated and viewed from any Intel AMT 3.0 computer.

Intel AMT Switchbox and Intel AMT interceptor where both improved in this release, we also updated the full source code. Two new features features are partially implemented in v0.39: Certificate Store support and 802.1x (both are AMT 2.5 and AMT 3.0 features). Still much work to be done in these areas, but its a good start.

For people trying to perform IDE-R and SOL over the Internet, I added a new "Advanced Properties" form that allows a user to change the timeouts of the redirection library. I don't know what the correct values are, hopefully someone can help me figure them out. Right now, they are all set in the UI to 10000, but most people will continue to use the default settings which are built into the redirection library.

Intel AMT DTK v0.39 Audio Blog (.mp3)

Enjoy!

Ylian (Intel AMT Blog)