Functionality to Realm Mapping

 Note:

Starting with Release 6.1, all realms that were accessible only remotely are now also accessible locally.

See Realm Names and Realm Shortcuts for a list of WS-Management realm names mapped to the realm names in this table.

 

Functionality

Realm

Function

Local

Remote

Security Administration

PTAdministrationRealm

Manages security control data, such as Access Control Lists, Kerberos parameters, and Transport Layer Security. This permission is required for both user creation and management mechanism.


(Rel. 6.1 and later: √)

Power Settings

PTAdministrationRealm

Manages power saving options and power packages.


(Rel. 6.1 and later: √)

Provisioning

PTAdministrationRealm

Performs the functions required for Intel AMT setup and configuration.


(Rel. 6.1 and later: √)

Network Administration

PTAdministrationRealm

Configures local network options. These are usually configured with a DHCP server, but can be configured directly using this interface.


(Rel. 6.1 and later: √)

NetworkTimeRealm

Used to set the clock in the Intel AMT device and synchronize it to network time. Can be assigned to a separate user who has limited administrative privileges.


(Rel. 6.1 and later: √)

Hardware Asset

HardwareAssetRealm

Used to retrieve information about the hardware inventory of the platform.


(Rel. 6.1 and later: √)

Remote Control

RemoteControlRealm

Enables powering a platform up or down remotely. Used in conjunction with the Redirection capability to boot remotely.


Rel. 6.1 and later: √)

Event Manager and User Notification

EventManagerRealm

Allows configuring hardware and software events to generate alerts and to send them to a remote console and/or log them locally.


(Rel. 6.1 and later: √)

LocalUN

Provides alerts to a user on the local interface. Used by User Notification Service to communicate with Intel AMT.

EventLogReaderRealm

Controls access for reading the Intel AMT event log.

Storage

StorageAdminRealm

Used to configure the global parameters that govern the allocation and use of non-volatile storage.


(Rel. 6.1 and later: √)

StorageRealm

Used to access, configure, manage, write to and read from non-volatile user storage.

Redirection

RedirectionRealm

Enables and disables the redirection capability and retrieves the redirection log. The redirection interface itself is a separate proprietary interface.


(Rel. 6.1 and later: √)

Agent Presence

AgentPresenceLocal
Realm

Used by an application designed to run on the local platform to report that it is running and to send heartbeats periodically.

AgentPresenceRemote
Realm

Used to register Local Agent applications and to specify the behavior of Intel AMT when an application is running or stops running unexpectedly.


(Rel. 6.1 and later: √)

System Defense and Heuristics

CircuitBreakerRealm

Used to define filters, counters, and policies to monitor incoming and outgoing network traffic and to block traffic when a suspicious condition is detected.


(Rel. 6.1 and later: √)

General Info

GeneralInfoRealm

Returns general setting and status information. With this interface, it is possible to give a user permission to read parameters related to other interfaces without giving permission to change the parameters.

Firmware
Update

FirmwareUpdateRealm

Used only by OEMs via Intel-supplied tools to update the Intel AMT firmware. These functions are not for general ISV use.

Endpoint Access Control

EndpointAccessControl
Realm

Returns settings associated with NAC/NAP posture.

EndpointAccessControl
AdminRealm

Configures and enables the NAC/NAP posture.

Note: Beginning in Intel AMT Release 9.0 NAC is no longer supported.


(Rel. 6.1 and later: √)

Secure Audit Log/Access Monitor

AuditLogRealm

Configures the Audit Log.


(Rel. 6.1 and later: √)

User Access Control

UserAccessControlRealm

Users can control the properties of their own ACL entries.

Remote Connectivity

RcsRealm

Reserved for Remote Connectivity provisioning mode


(Rel. 6.1 and later: √)

Copyright © 2006-2013, Intel Corporation. All rights reserved.