0 Replies Latest reply on Sep 15, 2015 11:12 AM by Bunkai

    Intel AMT 9: Accessing one PC over Internet Securely

    Bunkai

      Dear all,

      I hope, I am asking in the correct place: My question is regarding Intel AMT v9 technology. I have only one PC which is app 300 KM far from me. To have as good control over it as possible, I have decided to control it using Intel AMT. My configuration uses Intel AMT 9.

      I can access the PC without problems through Intel AMT KVM through un-encrypted connection. However, I want to be able to access the PC securely. Here are my questions:

      • To my knowledge, standard procedures to configure encrypted Intel AMT KVM is using provisioning server. Is it possible to configure Intel AMT communication through TLS-PSK or TLS-PKI without installing provisioning server, please? For one remote PC it does not make too much sense to install a server. I would like to configure one PC manually.
      • If I have to install a provisioning and configuration server, is it enough to let the server running during remote PC provisioning only? After the Intel AMT PC is provisioned, I do not wish to have the server running all the time just for this PC, and I would like to shut it down.
      • Are TLS-PSK and TLS-PKI equally secure? I know that TLS-PSK will be discontinued, which looks like it is less secure encryption standard. However, I have also heard, that after both encryption standards are configured, they are equally safe.
      • Is it safe to use Intel AMT v9 over the Internet if the connection is encrypted?

       

      As I use software firewall on the remote PC, I can not use a VPN channel through a router or a firewall, which would protect the Intel AMT communication. I would really take advantage of encrypted Intel AMT technology.

      Thank you very much for your responses.

      Kind regards,