Authentication in failure environment

Authentication in failure environment

Hi everybody,

I have been reading about enterprise mode because of it is the desired mode I want to use.

I am pretty sure I am going to use SCS with DA and CA but I have an important doubt.

If I have configured my amt based-network with mutual TLS authentication, using certificates for doing it and It occurse a windows fall...how can I manage my amt-devices? If the AD and CA are down and I cant authenticate using them...can I access amt-devices using only user/password as if I were in Small Business Mode??

I hope you can help me with that simple doubt

Thanks a lot

2 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.
Gael Hofemeier (Intel)'s picture

Quoting - alberto_saganHi everybody,

I have been reading about enterprise mode because of it is the desired mode I want to use.

I am pretty sure I am going to use SCS with DA and CA but I have an important doubt.

If I have configured my amt based-network with mutual TLS authentication, using certificates for doing it and It occurse a windows fall...how can I manage my amt-devices? If the AD and CA are down and I cant authenticate using them...can I access amt-devices using only user/password as if I were in Small Business Mode??

I hope you can help me with that simple doubt

Thanks a lot

Hi - once you provision your system in Enterprise Mode using either Server or Mutual Authentication you cannot access AMT using Digest Authentication unless you re-provision in Small Business Mode or Enterprise/NON-TLS.

For the next part of your question, you would have to look at how your network environment is designed. In order to manage an AMT system, you have to be able to log on to a system that has your management software on it (or you can at least accessthe Web UI, perhaps.) Both systems need to be accessible to each other on the network. If you are operating in Enterprise TLS with either Mutual or Server Authentication then your management console needs to have the right credentials in order to authenticate with the AMT system, so you are correct - if your AD/CA system goes down and you have not built in redundancy into your network environment youwould not be able to authenticate with your AMT systems and so you would not be able to manage them until those systems were back on line.

Any other responses from our Forum Users?

Follow me on Twitter: @GaelHof Facebook: https://www.facebook.com/gh.intelblogs

Login to leave a comment.