I hope, I am asking in the correct place: My question is regarding Intel AMT v9 technology. I have only one PC which is app 300 KM far from me. To have as good control over it as possible, I have decided to control it using Intel AMT. My configuration uses Intel AMT 9.
I can access the PC without problems through Intel AMT KVM through un-encrypted connection. However, I want to be able to access the PC securely. Here are my questions:
- To my knowledge, standard procedures to configure encrypted Intel AMT KVM is using provisioning server. Is it possible to configure Intel AMT communication through TLS-PSK or TLS-PKI without installing provisioning server, please? For one remote PC it does not make too much sense to install a server. I would like to configure one PC manually.
- If I have to install a provisioning and configuration server, is it enough to let the server running during remote PC provisioning only? After the Intel AMT PC is provisioned, I do not wish to have the server running all the time just for this PC, and I would like to shut it down.
- Are TLS-PSK and TLS-PKI equally secure? I know that TLS-PSK will be discontinued, which looks like it is less secure encryption standard. However, I have also heard, that after both encryption standards are configured, they are equally safe.
- Is it safe to use Intel AMT v9 over the Internet if the connection is encrypted?
As I use software firewall on the remote PC, I can not use a VPN channel through a router or a firewall, which would protect the Intel AMT communication. I would really take advantage of encrypted Intel AMT technology.
Thank you very much for your responses.