Intel vPro Technology contains essentially two different methods to perform systems management. Intel AMT is a BMC in that it contains its own microcontroller and doesn't use the CPU. As such, it's limited in the processing it can do (for example, filtering only a single packet at a time). Alternatively, you can us a Light-Weight VMM to run an appliance on a separate management OS. This gives you much greater power (performing disk scans or monitoring networking patterns) at the cost of complexity and system resources (main-CPU, hard disk). [Full disclosure, the AMT SDK is public, the Intel LVMM won't be released until next year].
- Works even when the hard drive crashes
- Doesn't bump the system into a higher power state
- Limited capability and performance
- No hard-drive access
- Full access to hard-drive and processor
- PC-like development
- Depends on same hardware components, so vulnerable to hardware failures
- Greater power consumption (not a lot, especially if running out of flash, see below)
- Requires TPM for best security
The virtual appliance could potentially be put in flash memory (AMT runs its microcode out of flash). This would reduce the hard drive crash vulnerability, but would increase system cost as the flash space would need to accomodate much more than the AMT version.
I could see a high-bred model, using AMT for console redirection and simple filter triggers and a virtual appliance to handle complex operations, but then management vendors need to support both models.
So do you think AMT is complementory to virtual appliances, or do they solve the same problem?