CIM Elements

The following table describes the CIM elements used to implement the Remote Access feature.

Element Name

Description

Instance Creation**

Cardinality

Classes

AMT_ManagementPresenceRemoteSAP

Represents a Management Presence Remote Service Access Point (or an MPS) to be accessed by the Intel AMT subsystem from remote.

User

0 – 4

 

AMT_MPSUsernamePassword

Represents a username and password used to access an MPS.

Implicit

0 – 4

AMT_PublicKeyCertificate

Represents an X.509 Certificate in the Intel AMT certificate store.

Implicit

0 – 4

AMT_RemoteAccessCapabilities

Represents the Remote Access feature capabilities.

Static

1

AMT_RemoteAccessPolicyRule

Represents a Remote Access policy. The policy defines a condition that will trigger the establishment of a tunnel between the Intel AMT subsystem and a remote MPS. The policy also defines parameters for the connection such as TunnelLifeTime in seconds.

User

0 – 3

 

AMT_RemoteAccessService

Represents the Remote Access Service in the Intel AMT subsystem.

Static

1

AMT_UserInitiatedConnectionService

Represents the user initiated connection service in the Intel AMT subsystem.

Static

1

Associations

AMT_RemoteAccessCredentialContext

Associates between an instance of AMT_ManagementPresenceRemoteSAP and the credential it uses.

Implicit

0 – 4
1 per instance of AMT_ManagementPresenceRemoteSAP

AMT_RemoteAccessPolicyAppliesToMPS

Associates a Management Presence Server with a Remote Access Policy rule. When a Policy Rule is triggered, the Intel AMT subsystem will attempt to connect to the MPSs associated with the triggered policy in the order by which the associations were created. This order is indicated in the OrderOfAccess field where lower numbers indicate a higher priority.

Implicit

0 - 6

1 or 2 per instance of AMT_RemoteAccessPolicyRule

CIM_ElementCapabilities

Represents the association between ManagedElements and their Capabilities. Note that the cardinality of the ManagedElement reference is Min(1), Max(1). This cardinality mandates the instantiation of the ElementCapabilities association for the referenced instance of Capabilities. ElementCapabilities describes the existence requirements and context for the referenced instance of ManagedElement. Specifically, the ManagedElement MUST exist and provides the context for the Capabilities.

Static

1

CIM_HostedService

Associates between a Service and the System on which the functionality is located. The cardinality of this association is one-to-many. A System can host many Services. Services are weak with respect to their hosting System. Heuristic: A Service is hosted on the System where the LogicalDevices or SoftwareFeatures that implement the Service are located. The model does not represent Services hosted across multiple systems. The model is as an ApplicationSystem that acts as an aggregation point for Services that are each located on a single host.

Static

1

CIM_PolicyRuleInSystem

An association that links a PolicyRule to the System in whose scope the Rule is defined.

Implicit

2

CIM_RemoteAccessAvailableToElement

Describes an element's knowledge regarding accessing other (i.e., remote) Servers and Systems.

Static

0 - 4

1 per instance of AMT_ManagementPresenceRemoteSAP

CIM_ServiceAffectsElement

Represents an association between a Service and the ManagedElements that might be affected by its execution. Instantiating this association indicates that running the service may change, manage, provide functionality for, or pose some burden on the ManagedElement. This burden might affect performance, throughput, availability, and so on.

Implicit

0 – 6

1 or 2 per instance of AMT_RemoteAccessPolicyRule

CIM_PolicySetAppliesToElement

Associates between instances of AMT_RemoteAccessPolicyRule and AMT_ManagementPresenceRemoteSAP

Implicit

0-6

 1 or 2 per instance of AMT_RemoteAccessPolicyRule

** Instance Creation:

     Implicit: Instances created implicitly by Intel AMT in response to a user CIM operation

     Static: Instances created by Intel AMT on initialization

     User: The class supports create/delete

 

 Note:

AMT_ManagementPresenceRemoteSAP instance (MPS) can be added with one of two different authentication methods: “Username/Password” or “Mutual Authentication using a certificate”. Because of this constraint, cardinality of AMT_MPSUsernamePassword and AMT_PublicKeyCertificate instances is limited to match a number of AMT_ManagementPresenceRemoteSAP instances, set to a particular authentication method.

For example: There are two instances of AMT_ManagementPresenceRemoteSAP (two different MP Servers), one is set to “Username + Password” authentication, and the other one to “Mutual”. In this case there will be one instance of AMT_MPSUsernamePassword and one instance of AMT_PublicKeyCertificate.

 

The following diagram illustrates the CIM elements used in the Remote Access feature.

 

Copyright © 2006-2022, Intel Corporation. All rights reserved.