Intel® Active Management Technology: Quick Reference Guide

Submit New Article

January 8, 2009 7:16 AM PST


by Thomas Burger

Overview

Learn how the Intel® Cross Platform Manageability Program can improve IT efficiency and management capabilities across enterprise platforms.

A major barrier to greater IT efficiency is the lack of a common infrastructure for networked platform management. Intel is developing cross-platform manageability capabilities on all Intel® processor-based platforms. The Intel® Cross Platform Manageability Program extends the Digital Office "Embedded IT" vision for delivering consistent management capabilities, protocols, interfaces and security features across enterprise platforms. The first realization of the Intel Cross Platform Manageability Program is Intel® Active Management Technology (Intel® AMT). Intel is working closely with other industry leaders to advance the platform-manageability ecosystem that supports common management capabilities and product interoperability across platforms. To ensure that standards are in place to support this effort, Intel participates in a wide variety of industry standards and specifications groups.

With Intel AMT you can remotely discover, heal and protect networked computing assets, regardless of system state. Even with a crashed hard drive or locked operating system, the IT technician can access the platform for remote asset, inventory, and software management, or remote diagnostics and recovery procedures.

Intel AMT is a set of platform architectural enhancements, not an end-user solution. It is a hardware infrastructure that provides nonvolatile memory to store the unique machine ID that can be remotely accessed even when the machine is turned off, the OS is locked or the machine is broken. Intel AMT is a hardware- and firmware-based solution that utilizes persistent non-volatile storage, making it resistant to tampering or accidental data loss. To help ensure that only authorized users have access to critical features, and to protect against network attacks and/or technology misuse, Intel AMT employs robust access control and privacy mechanisms. The box below outlines its benefits and features.

Intel® Active Management Technology Features

Intel® Active Management Technology Benefits

Out-of-Band (OOB) System Management

Allows remote management of platforms regardless of power on/off state or OS state

Remote Troubleshooting and Recovery

Significantly reduces desk-side visits, increasing the efficiency of IT technical staff

Proactive Alerting

Decreases downtime and minimizes time-to-repair

Remote Hardware and Software Tracking

Eliminates time-consuming manual inventory tracking and human error, reducing asset accounting costs and increasing tracking accuracy

Non-Volatile Storage

Survives power outages and system rebuilds

Tamper-Resistant Agents

Prevents users from removing critical inventory, remote-control or virus-protection agents

 

Extensive surveys of numerous IT shops—including the Intel IT organization—laid the groundwork for defining Intel AMT. Three of the top IT needs revealed by these surveys are:

  • Better asset management
  • Reduced downtime
  • Minimized desk-side visits

 

How Intel® Active Management Technology Works – Discover, Heal, Protect

Information for system updates or to repairs can be lost when the hard drive fails or is replaced. Intel AMT allows for the design of network management utilities that identify the machine (not only while a hard drive is inoperable, but also after the drive is replaced) and automatically restore the appropriate image. This includes the device personality, system settings, group policies, security settings, and previously delivered updates and applications.

Intel AMT allows greater visibility of networked systems, improving accounting and planning for software licensing, maintenance contract administration, taxation, resourcing, and other operational functions.

With Intel Active Management Technology you can:

  • Remotely discover computing assets in any state
  • Remotely heal computing assets
  • Remotely protect computing assets
  • Manage clients regardless of the system state
  • Retrieve significant diagnostic and inventory information, regardless of the system state
  • Remotely control, remote (pre)diagnosis, and remote problem resolution that increases the efficiency of technical staff

 

Intel AMT prevents intentional or inadvertent removal of inventory. It also allows for the remote control of computers an d software, such as virus-protection agents. Intel AMT is independent of the operating system, allowing IT managers to access machines even when the operating system is unavailable or inoperative. This improves asset management while reducing system downtime, technical assistance visits, and operational costs.

Remote Trouble-Shooting and Recovery

When the OS becomes inoperable in the traditional IT environment, the end user calls the IT department to report the problem. An IT technician is then sent to assess and fix the problem. Platforms using Intel AMT, can quickly and efficiently resolve an OS crash—and possibly even avert it—without any desk-side visits.

1. Proactive alerting automatically senses platform health and reports deficiencies (such as an inoperable OS) to the IT management console. The proactive alerting feature of this new technology uses out-of-band (OOB) communication. This is CPU access over a communications port, requiring direct access by external console devices, which is not handled by the OS. As a result, the inoperable OS cannot stop the alert from being sent. The IT management console receives the OS proactive alert, and the console operator knows what has happened to which platform, precluding the need for a technician desk-side visit.

2. Remote booting allows the console operator to take control of the crashed platform by remotely booting it to an IT diagnostic platform. At this point, the console operator uses existing management software to assess and fix the inoperable OS. This could include reinstallation of the IT-approved OS and patches from the IT management platform, eliminating a desk-side visit.

3. Remote management uses third-party IT-management tools that work through a uniform network-connected application programming interface (API) provided by Intel AMT.

Asset Inventory Management

Intel AMT allows the IT department to continue tracking platform inventory in any system state because the inventory platform asset information is stored in non-volatile, always-available memory.

1. The ISV application running on the IT console polls platforms on the network.

2. Platforms on the network report their inventory.

Complete and accurate asset inventory is always possible because the asset information is tamper-resistant, cannot be removed—intentionally or inadvertently—from platforms, and survives OS rebuilds. This allows more efficient control and use of network platforms, reducing the number of unidentifiable platforms on the intranet.

Benefits, Use and Availability

The Benefits of Intel Active Management Technology

Intel AMT removes a major barrier to greater IT efficiency—the lack of a platform-independent network control and communication standard. Now, corporate IT departments have Intel AMT platform architectural enhancements to support the remote discover, heal and protect process.

Benefits include potentially large savings in asset management and client computer support as well as additional savings in annual maintenance contracts from more accurate asset manageme nt reporting.

Using Intel Active Management Technology

Intel AMT maintains access to and management of the platform. This "any platform state" access gives corporate IT departments unprecedented power for more efficient platform management with reduced IT operating costs.

Complementary applications of Intel AMT with other Intel® platform technologies include Intel® Virtualization Technology and LaGrande security technology, along with the Extensible Firmware Interface (EFI) for pre-boot operations. Intel Virtualization Technology enables an IT manager to partition a portion of a PC for maintenance and software upgrade operations that are transparent to the user. In combination with Intel AMT, these operations can be performed on a system that is turned off or has a defective hard disk.

LaGrande and Intel AMT will complement each other to provide a secure environment. LaGrande will improve platform security, while Intel AMT ensures a tamper-resistant management environment that runs alongside other complementary system capabilities. EFI and Intel AMT together provide management access to systems before they boot up, and a rich execution environment for pre-boot management and security operations.

The list of software being developed to support Intel AMT continues to grow, with management and security products planned by many major software developers. These include: Altiris Inc, BMC Software, Check Point Software Technologies, Computer Associates, LANDesk Software, Novell, Symantec, StarSoftComm and Trend.

Intel Active Management Technology Availability

Intel AMT will be first available on the forthcoming desktop platform, code-named Lyndon, in 2005, followed by the server platform, code-named Bensley, in 2006.

Beginning in 2006, Intel AMT will use Web Services Management (WSM). WSM is a Web services protocol specification that helps address the cost and complexity of IT management by providing a common way for networked systems to access and exchange management information. Functionality supported by WSM makes it a valuable foundation for the next generation of management applications. WSM is designed to take advantage of the security, reliability and transactional features of WS-*, the Web services architecture.

Related Links