Test Engine Graphical User Interface

The Remote Encryption Management SDK provides a sample graphical interface to help with exercising all steps within the process for remotely managing secure hard disk drives (HDD) in an Intel AMT system.

The following sections describe how to use the Test Engine GUI:

   Client List View

   Client View

   Edit Drive Form

   Typical Usage Flow

 

Client List View

The following figure and table describe the options available in the Client List View.

 

Option

Description

Client List Tab

Import Client List

Loads a previously saved clients list xml file.

Save Clients List:

Saves the current clients list to xml file.

Add New Client

Adds a new client to the clients list. When clicked, the Client View opens where data for a new client can be specified.

Work with Selected Client

Opens the Client View for the selected (highlighted) client.

Remove Selected Client

Removes the selected (highlighted) client from the clients list.

Unlock Checked Clients

Starts the auto unlock process for all clients in the clients list whose check boxes are selected.  Will attempt to start Remote Encryption Management service and unlock all drives listed for each individual client.

ISO Path

Specifies the path to a Remote Encryption Management ISO if non-default ISO should be used.

Use WS-MAN

When selected, specifies that all Intel AMT functionality is implemented using WS-Man interface calls. This option is not supported for clients using MTLS, and requires that WinRM is installed and configured.

Use EOI

When selected, specifies that all Intel AMT functionality is implemented using SOAP EOI calls.

Client List

Displays the following top level data for clients:

     Client Name: FQDN or IP address for client

     Drive Count: The total count of drives listed for the client (total count may include default or unencrypted drives)

     Drive to Unlock: The count of drives to be unlocked for client. (this is the count of drives that will be attempted to unlocked if unlock button is clicked)

     Unlocked Drive Count: The count of drives successfully unlocked for that client after “Unlock Checked Clients” has completed

     REM Service: used to indicate if Remote Encryption Management service is active and running.  This value will change while “Unlock Checked Clients” is running.

     Progress: used to indicate state in unlock flow (starting, unlocking, complete, or error) while “Unlock Checked Clients” is running.

To view additional data for an individual client, select the client and click Work With Selected Client.

Output Section

Output Detail Level

Specifies the level of detail to report in the output area.

Save

Saves the output area toa  file.

Clear

Clears the output area.

Output Area

Displays output when the service is running.

 

Client View

The following figure and table describe the options available in the Client View.

 

Option

Description

Save Client Info

Saves the client information to the clients list.

Back to Client List

Returns from the client view back to the Client List View.  

 

Intel AMT Connection

Host Name

IP Address or fully qualified domain name of Intel AMT client system

AMT User

 Login name for the Intel AMT system user account

AMT Pass

Password for the Intel AMT System user account

No TLS

When selected, indicates that no TLS is used when connecting to the Intel AMT system.

Use TLS

When selected, indicates that TLS is used when connecting to the Intel AMT system.

Use MTLS

When selected, indicates that Mutual TLS is used when connecting to the Intel AMT system. (Enter a value in the Certificate Name field.)

Certificate Name

Common Name of the certificate to use for Mutual TLS

Test Connection

Attempts to verify that a connection to the Intel AMT system can be established based on the provided connection parameters.

If connection is successful the current power state of the system is returned.

Power Up

Issues a power up command to the Intel AMT system.

Power Down

Issues a power down command to the Intel AMT client.

Remote Encryption Management Service

Start Service

Starts a Remote Encryption Management session on a client specified in the Intel AMT Connection section.

Stop Service

 Ends the Remote Encryption Management session.

Check Service Running

Reports if the Remote Encryption Management session is currently running.

Drives

Update Drive List

Updates the drive list based on drives connected to the client system.

Edit Selected Drive

Opens the edit drive window for the selected (highlighted) drive.

Remove Selected Drive

Removes the selected (highlighted) drive from drive list.

Get Checked Drives Info

Gets the drive information for the drives in the drives list whose check boxes are selected.

Unlock Checked Drives

Unlocks the drives in the drives list whose check boxes are selected.

Erase Checked Drives

Issues a secure erase command for the drives in the drives list whose check boxes are selected.  Currently only supported for Seagate Secure Self-Encrypting Drives.

 

Edit Drive Form

The following figure and table describe the options available in the Edit Drive Form.

 

Option

Description

Drive Type

Specifies the drive type:

     Default (no encryption): The drive does not have encryption enabled, or is not one of the supported drive types.

     Seagate* Secure*: The drive is a Seagate* Secure* Self-Encrypting drive type. 

     Opal: The drive supports the Trusted Computing Group (TCG) Opal specification for the Self-Encrypting drive type.

Drive Password

The password to use when unlocking the drive.

Type

Specifies if the password should be treated as a master (administrator) password or a user password.

 

 Typical Usage Flow

 

1.  Click Add New Client to change to the Client View to add a new client.

2.  Specify the client connection parameters.  (Optionally, click Test Connection to verify that the connection parameters are valid.)

3.  Start the service for the client.  Once this service is started the drive list will automatically be updated.

4.  Click Edit Drive to specify the drive parameters for each drive.

5.  Use the checkbox for each drive to indicate if the drive should have drive actions performed against this drive.

6.  Click Save Client Info to save the client information.

7.  Stop the service for the client.

8.  Click Back to Client List.

9.  Repeat steps 1 – 8 for each additional client.

10.          From the Client List View, select the check boxes of the client systems to unlock, and then click Unlock Checked Clients.

Copyright © 2006-2013, Intel Corporation. All rights reserved.