Intel vPro Expert Center Blog

Intel vPro Expert Center Blog

Intel vPro Expert Center Blog : March 19, 2008

Previous Next
Click to view ErickSimpson's profile
0

There has been a lot of chatter lately on the boards and newsgroups I monitor about the economy in 2008, and whether we can classify its current status as an economic downturn, mini-recession, recession, etc. It's been generally accepted by noted economists that we are certainly experiencing an economic downturn, if measured by a significant decline in activity spread across the economy, and lasting longer than a few months. On the other hand, the technical indicator of a recession is defined as two consecutive quarters of negative economic growth as measured by our GDP.

We'll need to wait for this quarter's numbers to see if the US economy will indeed be categorized as in recession, based upon last quarter's decline in growth, even though most economists agree we are heading that way, led by indicators such as the fall of the housing market to its lowest level since 1993, and consumer spending posting its smallest gain since 1991. The most telling news heralding the severity of our current economic climate is Sunday's announcement of the buyout of Bear Stearns, one of the world's largest and most venerable investment banks by JPMorgan, for the fire-sale price of only $2 a share.

So what does this economic downturn mean to us as service providers? Businesses traditionally are much more careful in their spending during times of economic uncertainty, and I.T. projects are normally among the first batch of initiatives to be placed on hold, as clients and prospects tighten their belts to weather the storm. It's important for us to identify this reality and shape our internal processes, deliverables and their supporting technologies, message and value proposition accordingly so that we can take advantage of these opportunities.

Did that last sentence confuse you? If it did, let me explain my position. If we, as service providers, shape our message, deliverables and pricing in such a way that we are seen as a cost-saving solution to clients and prospects that can mitigate their business risks and increase their efficiencies and productivity; and therefore net profits, we have a really good shot at not only weathering economic downturns ourselves, but actually growing our businesses during these periods. Sound crazy? Let's dive a bit deeper...

As a reactive service provider, we are most profitable when our clients are experiencing the most pain. If there is an outage or disaster event, we react to and remediate the problem, then bill our client. Our clients are never prepared to pay for these reactive emergencies, so the negative impact to their cash flow and operations is very high. This is the reason many clients and prospects have a less than positive opinion of I.T. maintenance costs in general.

As a proactive service provider (read: MSP); however, our relationship with clients is the complete opposite, as we are most profitable when our clients are experiencing the least pain. The better we proactively manage and maintain their environments, the higher their efficiencies, productivity and profits. The more we integrate enabling tools and technology such as vPro that reduce our service delivery costs, and utilize processes and procedures to remotely monitor and manage our client environments, the higher our staff's utilization becomes, and the lower our cost of service delivery, increasing our net profits. So in this example, our business goals are in perfect alignment with our clients' - we are the most profitable when they are the most profitable.

So how can we reduce the cost our deliverables, and improve our efficiencies with technologies such as vPro, and shape our marketing message and value proposition to take advantage of the current economic downturn?

Watch my next blog post to find out...

0 Comments Permalink Tags: managed_services
Click to view miroyer's profile
1

Here are some high level steps that walk you through procuring a VeriSign certificate and configuring it for the Intel Setup and Configuration Service (SCS). Other certificate vendors like Go Daddy, Starfield, Comdo, etc will have different purchasing processes.

Purchase Verisign Certificate

  1. Generate Certificate Signing Request (CSR) by following the instruction in the link, http://www.verisign.com/support/ssl-certificates-support/page_dev019431.html.
  2. The Common Name (CN) needs to be the FQDN of the server you want to install this certificate on. (i.e. host name + domain name)
  3. Enter ‘Intel(R) Client Setup Certificate' for Organization Unit (OU).
  4. Complete all the steps. Visit VeriSign website, http://www.verisign.com/ssl/buy-ssl-certificates/ to start purchasing process. Select ‘Secure Site: SSL Certificates' under ‘Buy Individual SSL Certificates'.
    Note: you could choose the other two, which are in more advanced level, depending on your need.
  5. Enter all the information required and copy the CSR generated by the server
  6. Complete all the steps and print out the order confirmation page for your record.
  7. You will receive an email of Verisign automated order verification within few hours. You have only 24 hours, after receiving the email, to finish this process. Click the link in the email and go through the process. \\\\\\*Important:* If you cannot recognize the second phone number listed on the webpage, cancel the automated verification process and have them call you instead.

Certificate Installation and Exporting


  1. You will receive the link of installation instruction in the email containing the certificate. Follow the instruction to complete installation
  2. VeriSign will send you the SSL certificate via email. If the certificate is an attachment (Cert.cer), save the file to the hard drive. If the certificate is in the body of the email, create a .cer file (example: NewCertificate.cer) by copying and pasting the certificate text into a plain text editor such as Notepad or Vi. Please be sure to include the header and footer as well as the surrounding dashes. Do not use Microsoft Word or other word processing programs that may add characters. Confirm that there are no extra lines or spaces in the file.
  3. Open the Internet Services Manager (IIS). Click Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manager.
  4. Under Web Sites, right-click your web site and select Properties.
  5. Click the Directory Security tab.
  6. Under Secure Communications, click Server Certificate.
  7. The Web Site Certificate Wizard will open, click Next.
  8. Choose Process the Pending Request and Install the Certificate, then click Next.
  9. Important: The pending request must match the response file. If you deleted the pending request in error you must generate a new CSR and replace this certificate.
  10. Select the location of the certificate response file, and then click Next.
  11. Read the summary screen to be sure that you are processing the correct certificate and then click Next.
  12. You see a confirmation screen.
  13. After you read this information, click Next.
  14. Go back to IIS Manager (Start > Programs > Administrative Tasks > IIS Manager)
  15. Expand Web Sites and right click Default Web Site
  16. Under Secure Communications, click View Certificate...
  17. select Detail tab
  18. Click Copy to file at right bottom of window, the Certificate Export wizard will pop up. (N)
  19. choose Yes, export the private key (N)
  20. mark Include all certificates in the certification path if possible (N)
  21. give a password (can be weak password) and confirm (N)
  22. Give location and file name for the resulting PFX. (N), Finish, Ok.
  23. Close all windows.


Adding Cert To SCS


Install the certificate created above in the System Certificate Store on the platform where the SCS executes. Follow the following steps:


  1. Open certificates (local computer) using the Microsoft Management Console (MMC). To add the certificates plug-in to the MMC,
  2. Select file/add snap-in.
  3. Select Add....
  4. Select Certificates.
  5. Select computer account; click Next.
  6. Select Local computer; click Next.
  7. Select Finish; Close; select Certificates and click OK.
  8. In the console tree, click the logical store where the mmc will import the certificate.
  9. On the Action menu, point to All Tasks and then click Import to start the Certificate Import Wizard.
  10. Type the path and file name of the certificate to be imported or click Browse and navigate to the file. Select automatically select the certificate store based on the type of certificate.

Invoke the loadcert utility


  1. Located at <install_root>:\Program files\Intel\AMTConfServer\Tools.
  2. Double-click on loadcert.exe
  3. Select the certificate that was just imported. The utility will report any problems in the certificates that it detects that would prevent using it as a ZTC certificate.

Matt Royer

1 Comments Permalink Tags: vpro, amt, scs, verisign, remote_config