Intel vPro Expert Center Blog

3 Posts tagged with the eac tag
Click to view Ylian Saint-Hilaire's profile
2

Hi everyone. I just released the Intel AMT DTK v0.41 with a few new things ahead of my departure to Taiwan for the Intel Developer Forum . In this new version, I have 3 major new things to report:

  • Intel AMT Defender. I added a new tool called Intel AMT Defender. It's like a community supported version of the Intel System Defense Utility (ISDU) but does it's all new source code. It's a nice new UI, the most impressive thing about it is the new System Defense user interface that is live and very cool.
  • Added Endpoint Access Control (EAC) support. I don't know much about this feature and certainly did not test it, but looking at the Intel AMT API, I added support for it in Commander. If you make it work, let me know.
  • Added WSMAN browser in Intel AMT Outpost. This is very useful to see that WSMAN objects are available on the local Intel AMT interface. As a reminder, what is available locally and remotely is very different.

Intel AMT DTK v0.41 Audio Blog (.mp3)


http://softwareblogs.intel.com/wordpress/wp-content/uploads/2007/10/screen52.jpg

Ylian (Intel AMT Blog)

2 Comments Permalink Tags: intel, amt, dtk, commander, defender, outpost, wsman, eac
Click to view Ylian Saint-Hilaire's profile
0

Just released version v0.40 of the Intel AMT DTK, with the addition of 802.1x and Endpoint Access Control (EAC) as I wrote about in my previous blog. This is probably not going to be a big impact on many people since this feature is exclusive to large enterprises, but it's very useful for testing Intel AMT in environments where the network has access control. As I noted previously, I don't have equipment to test 802.1x and EAC, so, I will rely on the community to give me feedback.

Another interesting feature in v0.40 is the additon of Intel AMT Guardport as a Microsoft Windows tray icon application and Windows Service. Guardpost is of course the C/C++ version of Intel AMT Outpost, perfect to deployments with smaller system footprint but also for adding to a WinPE based recovery OS.

Intel AMT DTK v0.40 Audio Blog (.mp3)

Ylian (Intel AMT Blog)

0 Comments Permalink Tags: intel, amt, dtk, commander, outpost, guardport, 802.1x, eac
Click to view Ylian Saint-Hilaire's profile
0


In my never ending quest to try to have full coverage of all Intel AMT features in the Intel AMT DTK, I got motivated by two colleges to add 802.1x and Endpoint Access Control (EAC) support to Intel AMT Commander. I am not an expert on these two technologies, but they basically allow the network switch to authenticate a client and decide if it's going to let it connect on the network. This feature is normally supported in the operating system to get access to a corporate network, but when a network makes use of 802.1x to authenticate clients and the OS is down, Intel AMT can't access the network unless it authenticates.

Starting with Intel AMT 2.5 and then 3.0, Intel AMT support 802.1x and EAC and so, can authenticate itself to the network while the OS is down. In large enterprises where security is very important, this is an absolute must have. You never know if someone plugs-in an un-authorized computer on a network drop in some conference room.

I don't have 802.1x or EAC equipment in my lab, but I have attempted to add support for it in the upcoming version of Commander simply by using the SDK's documentation. Luckily, if I can set the state of Intel AMT correctly and also read it back, there is a good chance I am on the right track. If you are trying to use these features now with a SOAP tool, it's a real pain, so, having a nicer and friendlier UI is very important. I started coding this last week and realized quickly, I also needed to support the new certificate storage interfaces available in AMT 2.5 and above, so I added support for that too.

In any case, all of this is coming up in version v0.40 of the Intel AMT DTK that I should be releasing very soon. Since I have no such network, I am counting on community members to try these new features out and give me feedback on things I should change or improve.

Ylian (Intel AMT Blog)

0 Comments Permalink Tags: intel, amt, dtk, commander, 802.1x, eac, access, control