Entities such as enterprises frequently communicate and conduct business operations using a variety of computers and other devices that include various hardware components that need to be managed. Typically, computers and hardware components are connected through a network, such as a local area network (LAN). The network often includes hardware and software provided from various third parties that must have the ability to communicate and cooperate with each other in order to provide communication and other services. Configuration and management of hardware and software of a particular network can be time consuming, expensive, and susceptible to error.
In order to address the increasing costs associated with managing the hardware configuration of an entity's variety of computers, Intel launched new hardware technology referred to as INTEL® ACTIVE MANAGEMENT TECHNOLOGY (INTEL® AMT). An INTEL® AMT device may be purchased from Intel Corporation, located at 2200 Mission College Boulevard, Santa Clara, Calif. Hereinafter, INTEL® AMT hardware and INTEL® AMT device are used interchangeably. The INTEL® AMT hardware contains imbedded remote management capabilities.
The setup feature of the present invention provides network settings, Transport Layer Security (TLS) settings, etc. TLS provides secure communications over the out of band network interface between the INTEL® AMT device on the client and a management console. The configuration feature includes INTEL® AMT Security Administration, reset to factory defaults, Kerberos configuration, etc.
The INTEL® AMT hardware has an agent that resides on embedded firmware that can accept commands from a management console or server. This technology allows an entity's computers connected to the network to be configured from a central location rather than manually configuring the hardware of each computer. The default state of INTEL® AMT hardware is an unconfigured state and is not accessible by management applications of third parties. Factory Mode Setup is a process of preparing an INTEL® AMT device to receive its configuration settings from a Setup and Configuration Application (SCA). For example, the configuration for initial BIOS settings required to prepare the device for secure communications may be part of an SCA.
Computers utilizing INTEL® AMT hardware may be pre-configured with the hardware configuration management server's IP address and port number using the INTEL® AMT BIOS extension or the default of hostname=ProvisionServer and default port number of 9971. These computers may also be further configured, remotely or manually, in order to implement the management capabilities provided by the INTEL® AMT hardware. The INTEL® AMT hardware allows for only one independent software vendor's (ISV) management software to configure the hardware of a computer utilizing the INTEL® AMT hardware. However, entities may have several ISV software applications running concurrently on a single server or multiple dedicated servers. Many of these ISV applications require product specific customization of networked computers in order for the ISV application to operate properly across the network. The ability to remotely configure multiple devices or computers utilizing the INTEL® AMT hardware reduces costs not only associated with man-power but also reduces errors during configuration. Remote configuration with multiple ISV software applications also provides greater utility and versatility for the enterprise.