CIM Elements
The following table describes the CIM elements used to implement the Remote Access feature.
|
Element Name |
Description |
Instance Creation** |
Cardinality |
|
Classes | |||
|
Represents a Management Presence Remote Service Access Point (or an MPS) to be accessed by the Intel AMT subsystem from remote. |
User |
0 – 4
| |
|
Represents a username and password used to access an MPS. |
Implicit |
0 – 4 | |
|
Represents an X.509 Certificate in the Intel AMT certificate store. |
Implicit |
0 – 4 | |
|
Represents the Remote Access feature capabilities. |
Static |
1 | |
|
Represents a Remote Access policy. The policy defines a condition that will trigger the establishment of a tunnel between the Intel AMT subsystem and a remote MPS. The policy also defines parameters for the connection such as TunnelLifeTime in seconds. |
User |
0 – 3
| |
|
Represents the Remote Access Service in the Intel AMT subsystem. |
Static |
1 | |
|
Represents the user initiated connection service in the Intel AMT subsystem. |
Static |
1 | |
|
Associations | |||
|
Associates between an instance of AMT_ManagementPresenceRemoteSAP and the credential it uses. |
Implicit |
0 – 4 | |
|
Associates a Management Presence Server with a Remote Access Policy rule. When a Policy Rule is triggered, the Intel AMT subsystem will attempt to connect to the MPSs associated with the triggered policy in the order by which the associations were created. This order is indicated in the OrderOfAccess field where lower numbers indicate a higher priority. |
Implicit |
0 - 6 1 or 2 per instance of AMT_RemoteAccessPolicyRule | |
|
Represents the association between ManagedElements and their Capabilities. Note that the cardinality of the ManagedElement reference is Min(1), Max(1). This cardinality mandates the instantiation of the ElementCapabilities association for the referenced instance of Capabilities. ElementCapabilities describes the existence requirements and context for the referenced instance of ManagedElement. Specifically, the ManagedElement MUST exist and provides the context for the Capabilities. |
Static |
1 | |
|
Associates between a Service and the System on which the functionality is located. The cardinality of this association is one-to-many. A System can host many Services. Services are weak with respect to their hosting System. Heuristic: A Service is hosted on the System where the LogicalDevices or SoftwareFeatures that implement the Service are located. The model does not represent Services hosted across multiple systems. The model is as an ApplicationSystem that acts as an aggregation point for Services that are each located on a single host. |
Static |
1 | |
|
An association that links a PolicyRule to the System in whose scope the Rule is defined. |
Implicit |
2 | |
|
Describes an element's knowledge regarding accessing other (i.e., remote) Servers and Systems. |
Static |
0 - 4 1 per instance of AMT_ManagementPresenceRemoteSAP | |
|
Represents an association between a Service and the ManagedElements that might be affected by its execution. Instantiating this association indicates that running the service may change, manage, provide functionality for, or pose some burden on the ManagedElement. This burden might affect performance, throughput, availability, and so on. |
Implicit |
0 – 6 1 or 2 per instance of AMT_RemoteAccessPolicyRule | |
|
Associates between instances of AMT_RemoteAccessPolicyRule and AMT_ManagementPresenceRemoteSAP |
Implicit |
0-6 1 or 2 per instance of AMT_RemoteAccessPolicyRule | |
|
** Instance Creation: • Implicit: Instances created implicitly by Intel AMT in response to a user CIM operation • Static: Instances created by Intel AMT on initialization • User: The class supports create/delete | |||
|
|
|
AMT_ManagementPresenceRemoteSAP instance (MPS) can be added with one of two different authentication methods: “Username/Password” or “Mutual Authentication using a certificate”. Because of this constraint, cardinality of AMT_MPSUsernamePassword and AMT_PublicKeyCertificate instances is limited to match a number of AMT_ManagementPresenceRemoteSAP instances, set to a particular authentication method. For example: There are two instances of AMT_ManagementPresenceRemoteSAP (two different MP Servers), one is set to “Username + Password” authentication, and the other one to “Mutual”. In this case there will be one instance of AMT_MPSUsernamePassword and one instance of AMT_PublicKeyCertificate. |
Note:
The following diagram illustrates the CIM elements used in the Remote Access feature.
|
Copyright © 2006-2022, Intel Corporation. All rights reserved. |