any Intel vPro experts in this group?
What system models do you have?
There are different components of vPro
For the Active Management Technology. Yes - if the BIOS battery is removed and reinserted, the Intel AMT settings will be reset to factory default. In addition, some OEMs provide a setting in BIOS to reset Intel AMT upon the next reboot. The suggest here is lock you BIOS settings and case if that is a concern
For the Anti-Theft Technology (AT-p) - a BIOS battery reset will not affect. Therefore, if someone were to steal a system that is configured with Absolute, Computrace, or other support AT-p security vendor... if the AT-p policy activates and disables the system, only a re-activation key\sequence as defined by the security policy will reactivate the system. A BIOS battery reset will not
Does that help?
Thanks Terry for the info. I will be setting up vPro with Altiris Out of Band component. The PC's that I use are HP. Is the (AT-p) Anti-Theft Technology available for HP computers? From what I've read, it's only on Lenovo brand.
Basically, I need to know if there is any other way around disabling AMT vPro other than removing the BIOS battery, however I dont' see anywhere in the Intel vPro documentation regarding the security details.
Correct on AT-p being available for only Lenovo platforms... other's may add the functionality, yet only Lenovo supports at this time.
Regarding the disabling or unconfiguring of AMT - Take a look at http://www.symantec.com/connect/articles/provisioning-intel-vpro-technology-part-4-remotely-resetting-provisioning-state On the HP laptops (i.e. 2510p, 6910p, 8510p, 2530p, 6930p, 8530p), there is an option in the BIOS to unconfigure AMT on next boot. This option requires a confirmation at the next boot. Thus - it is possible - but can be controlled by BIOS security. Similarly - as mentioned in the article - if an Altiris user has sufficient rights\access, they can unconfigure systems remotely. In both cases - it's a matter of Access Control, rights\permissions, etc.
Just curious - how soon will you be activating vPro\AMT? How many client systems? Key usage model? (if you'd prefer to not answer on blog - send me a private message via vPro Expert center account)