I just want to first say that this whole vPro thing feels like a project that has grown organically, there's a ton of papers\info from different years of different versions of AMT on different aspects of AMT all over the site. It is overwhelming\needlessly disorganized.
But on to my questions
1) How do I interface with System Defense to do AMT\Firmware level packet filtering? Is there a console for this? a GUI? I do not see ANY examples of this feature working ANYWHERE, only on documentation online for Landesk.
2) Is there any free VNC + TLS solution that works with AMT that isn't RealVNC? And no I am not going to be using RFB.
3) Isn't an unconfigured AMT\vpro capable system dangerous if the UEFI\BIOS\MBEX on the system isn't password protected? I can imagine that anyone that has physical access to the system can configure the system with their own ssl\mps and eavesdrop on all things.