Over the life of the product, there have been changes to Intel AMT features and API functions. The following tables list deprecated features and those features or APIs that have been deleted.
The first table lists deprecated Intel AMT features. Intel’s policy is to announce that a feature is deprecated but to maintain the feature in future releases for at least three years. After three years, the feature may be dropped. Intel reserves the right to maintain a feature for a longer period.
The second table lists deleted Intel AMT APIs, primarily SOAP APIs. Most were replaced by different functionality.
There have been other changes in the product, notably changes in individual APIs from release to release. See Changes in WS-Management Classes between Versions.
Component Affected |
Description |
Intel AMT Release when deprecation was announced |
Access Monitor |
KVM Audit Log Event - KVM Opt-In Disabled |
7.0 (2011) |
Access Monitor |
KVM Audit Log Event - KVM Opt-In Enabled |
7.0 (2011) |
Access Monitor |
KVM Audit Log Event - KVM Consent Succeeded |
7.0 (2011) |
Access Monitor |
KVM Audit Log Event - KVM Consent Failed |
7.0 (2011) |
Access Monitor |
Security Admin Audit Log Event - Provisioning Completed |
6.1 (2010) |
Access Monitor |
Security Admin Audit Log Event - Provisioning Started |
6.1 (2010) |
Alarm Clock |
AMT_AlarmClockService.NextAMTAlarmTime |
8.0 (2011) |
Alarm Clock |
AMT_AlarmClockService.AMTAlarmClockInterval |
8.0 (2011) |
Host Interface support functions |
CFG_GetPID is deprecated as part of the deprecation of TLS-PSK setup and configuration. |
7.0 (2011) |
Host Interface support functions |
CFG_StartConfiguration deprecated in favor of CFG_StartConfigurationEx |
6.0 (2010) |
Host Interface support functions |
CFG_GetAMTSetupAuditRecord deprecated in favor of CFG_GetMESetupAuditRecord. |
6.0 (2010) |
Host Interface support functions |
CFG_GenerateRngSeed deprecated due to built-in hardware mechanism |
3.0 (2008) |
Host Interface support functions |
CFG_GetRngSeedStatus deprecated due to built-in hardware mechanism |
3.0 (2008) |
MEBx/SDK Sample |
USB Key - version 3.0 of the record format - The Provisioning Mode variable (CLI parameter –PM) is deprecated. The choice was between Enterprise (0) and SMB (1). Now, selecting 1 results in manual configuration (for backward compatibility). See the USBFile readme. |
6.0 (2010) |
Platform Solution Manager |
Intel® vPro™ Platform Solution Manager (Intel® vPro™ PSM) is no longer supported. |
Document update: October 2020 |
Posture Validation (NAC) |
Posture Validation (NAC) was deprecated in Intel AMT Release 9.0 and was removed in Intel AMT Release 11.5. |
9.0 (2013) |
Redirection Library |
IMR_SOLOpenTCPSession is deprecated in Intel AMT Release 4.0 and later releases in favor of IMR_SOLOpenTCPSessionEx |
4.0/5.0 (2009) |
Redirection Library |
IMR_IDEROpenTCPSession is deprecated in Intel AMT Release 4.0 and later releases in favor of IMR_IDEROpenTCPSessionEx |
4.0/5.0 (2009) |
Redirection Library |
The CA_File parameter in the SECURITY section of the redirection library ini file is deprecated in favor of the IMR_SetCertificateInfo() library function. See the .ini file documentation. |
2.0 (2006) |
Redirection Configuration |
The MEBx SOL/IDE-R menu item Username and password option that enables “basic authentication” – sending a username and password in the clear to authenticate a redirection session – is deprecated. Use Digest or Kerberos authentication instead. |
7.0 (2011) |
Remote Secure Erase |
The Remote Secure Erase feature is being deprecated. Starting from Intel CSME firmware 20.0, the feature will no longer be available. Intel recommends that customers Intel® Remote Platform Erase instead, available starting Intel CSME firmware 16.0. |
Document update: April 2023 |
Setup and configuration |
STATE_INDEPENDENCE_IsChangeToAMTEnabled deprecated |
9.0 (2013) |
Setup and configuration |
STATE_INDEPENDENCE_ChangeToAMT deprecated |
9.0 (2013) |
Setup and configuration |
CFG_GetProvisioningMode deprecated and ZTC Local Agent sample, which used the API, is removed from the SDK |
9.0 (2013) |
Setup and configuration |
CFG_SetConfigurationServerFQDN deprecated and ZTC Local Agent sample, which used the API, is removed from the SDK |
9.0 (2013) |
Intel® Setup and Configuration Software (Intel® SCS) |
Intel® Setup and Configuration Software (Intel® SCS) is no longer supported since 12/31/2022. For more details, see the End of Life Announcement. To set up and configure the Intel AMT device, there are several tools available, such as Intel® Endpoint Management Assistant (Intel® EMA) and Open AMT Cloud Toolkit, which streamline the Intel AMT provisioning process and provide endpoint manageability capability for IT. |
Document update: February 2023 |
SOAP |
The SOAP (EOI) interface is deprecated in favor of the WS-Management interface. New features are not supported by the SOAP interface. This includes the Storage Library in the SDK. |
6.0 (2010) |
SOAP |
Get8021XWiredProfile deprecated in favor of Get8021XWiredProfileEx |
4.2/5.1 (2010) |
SOAP |
GetWirelessProfile deprecated in favor of GetWirelessProfileEx |
4.2 (2010) |
SOAP |
SetProvisioningMode deprecated |
4.0/5.0 (2009) |
SOAP |
SetRngKey deprecated due to built-in hardware mechanism |
3.0 (2008) |
Storage |
Third Party Data Storage (3PDS) was deprecated, along with the AMT_ThirdPartyDataStorageAdministrationService and AMT_ThirdPartyDataStorageService classes. |
11.0 (2015) |
WS-Management |
The class AMT_EventLogEntry was deprecated in favor of AMT_MessageLog, and eventually removed. Later AMT_EventLogEntry was restored as it was in use by certain ISVs, but is still deprecated. See the SDK for how to work with AMT_MessageLog, the recommended approach. |
Deprecated in 3.2 (2009); removed in 6.0 (2010); restored in 6.1 (2010) |
WS-Management |
AMT_SetupAndConfigurationService.ResetFlashWearOutProtection deprecated (returns indication that it completed successfully, but otherwise does nothing) |
7.0 (2011) |
WS-Management |
AMT_SetupAndConfigurationService the methods GetProvisioningAuditRecord and GetProvisioningAuditRecordV2 are deprecated in favor of the class IPS_ProvisioningAuditRecord |
6.1 (2010) |
WS-Management |
AMT_AgentPresenceWatchdogVA is deprecated. |
6.0 (2010) |
WS-Management |
AMT_TLSSettingData - Use of Mutual Authentication on the local interface is deprecated. |
6.0 (2010) |
Firmware Update |
The firmware update realm is deprecated. |
7.0 (2011) |
Non-TLS Mode |
Starting from Alder Lake platforms with Raptor Lake CPUs running Intel CSME 16.1 firmware, remote connections to Intel AMT unsecure TCP/IP ports 16992, 16994 and 623 are no longer supported. TLS ports 16993, 16995 and 664 must be used for connecting to Intel AMT. |
Document update: May 2023 |
SNMP PET Alerts |
The Intel AMT Event Manager SNMP PET Alerts feature is being deprecated. Starting from Intel ME 18.0 firmware, the feature will no longer be available. The WS-Events feature remains, and will be used instead of SNMP PET alerts. |
Document update: 2020 |
DDNS Support |
Dynamic DNS Update support is being deprecated. Starting from Intel ME 18.0 firmware, the feature will no longer be available. |
Document update: 2020 |
SHA1 Root Certificates and RSA Key Sizes Smaller than 2048 Bits |
In Intel ME 11.0 the default SHA1 certificate hashes were removed from the firmware. Hashes could still be added in manufacturing, or through the MEBX or WS-MAN commands. Starting from Intel ME 15.0 firmware for H platform, and Intel ME 16.0 firmware for all platforms, Intel is removing support of SHA1 root certificates and RSA key sizes smaller than 2048 bits for Intel AMT provisioning. In those releases and later, it is no longer possible to add SHA1 hashes, and none of the certificates in the certificate chain can be SHA1-based, including the root certificate. |
Document update: 2021 |
Embedded Host Based Configuration (EHBC) |
Starting from Intel CSME 15.0.35.1879, Intel CSME 16.0 and Intel CSME 17.0 firmware, the Embedded Host Based Configuration (EHBC) feature will no longer be available. |
Document update: 2021 |
Web UI |
Intel plans, in future platforms, to remove the option of connecting to Intel AMT via the Web UI application. Instead, customers will have the option of downloading a web application to the Intel CSME firmware and interacting with the web application via a browser. This will provide similar functionality to that of the Web UI, but will require the additional initial step mentioned. The date for removal of the Web UI has not yet been decided. |
Document update: 2021 |
Endpoint Access Control (EAC) |
Intel is removing the Endpoint Access Control (EAC) feature, including Intel® AMT support for Network Access Protection (NAP), from the Intel® CSME firmware. Starting with Intel CSME 18.0, the feature is no longer supported. |
Document update: 2021 |
TKIP and WEP Encryption Methods |
Intel has removed Intel AMT support for the WEP and TKIP 802.11 encryption methods, starting from Intel CSME firmware running on Tiger Lake-H platforms. This also means that mixed TKIP/CCMP WiFi access-point mode is no longer supported by the Intel CSME WiFi stack. To allow Intel CSME WiFi connectivity, all crypto modes utilizing TKIP must be disabled in the AP. Note: In "pipe" mode the WiFi connection (including encryption/decryption algorithm selection on WiFi connection establishment) is handled by the host operating system WiFi stack. In this mode, the data packets are sent to Intel AMT after they have been decrypted by the host side WiFi. In this mode there is currently no restriction in Intel CSME on the WiFi encryption protocols selected by the operating system. However, switching an TKIP or WEP based Intel AMT connection from the host to Intel CSME side WiFi will cause WiFi connection termination. |
Document update: 2021 |
RFB version 4.0 |
The RFB 4.0 protocol is being deprecated. Starting Intel CSME 21 (Panther Lake platform) it will no longer be supported. The KVM server will support RFB versions 3.8 or before. |
Document update: 2024 |
Component Affected |
Description |
Deprecation |
Obsolete since |
Firmware update |
Firmware Update WS-Management and SOAP functionality was removed. |
FW Update Realm 7.0 (2011) |
FW Update functionality 7.0 (2011) |
Intel® Small Business Technology Platform |
Support for this feature ended in Release 11.6, and it was removed in Release 12.0. |
11.6 (2017) |
12.0 (2018) |
SOAP |
All Intel AMT SDK SOAP components and all support for SOAP functionality |
6.0 (2010) |
9.0 (2012) |
SOAP |
GetPowerSavingOptions |
2.5 (2007) |
6.0 (2010) |
SOAP |
GetTcpIpParameters |
2.5 (2007) |
6.0 (2010) |
SOAP |
GetTLSCertificate |
2.5 (2007) |
6.0 (2010) |
SOAP |
SetPowerSavingOptions |
2.5 (2007) |
6.0 (2010) |
SOAP |
SetTcpIpParameters deprecated in favor of SetInterfaceSettings |
2.5 (2007) |
6.0 (2010) |
SOAP |
SetTLSCertificate deprecated in favor of CertStoreAddCertificate |
2.5 (2007) |
6.0 (2010) |
SOAP |
SetTLSKeyAndCertificate deprecated in favor of CertStoreAddCertificate() and SetTLSCredentials(). |
2.5 (2007) |
6.0 (2010) |
SOAP |
SubscribeForAlert, EnumerateAlertSubscriptions |
2.5 (2007) |
6.0 (2010) |
SOAP |
AddUserAclEntry deprecated in favor of AddUserAclEntryEx |
2.0 (2006) |
4.0 (2009) |
SOAP |
GetUserAclEntry |
2.0 (2006) |
4.0 (2009) |
SOAP |
SetAdminAclEntry |
2.0 (2006) |
4.0 (2009) |
SOAP |
SetEventLogTimestampClock |
2.0 (2006) |
4.0 (2009) |
SOAP |
SetTlsEnabled |
2.0 (2006) |
4.0 (2009) |
SOAP |
UpdateUserAclEntry |
2.0 (2006) |
4.0 (2009) |
SOAP |
SetVlanParameters/GetVlanParameters not supported on any mobile platforms – releases 2.5/6, 4.x, 6.x and later releases |
| |
TLS |
Support for TLS 1.0 was removed, and support for TLS 1.2 was added in its place. |
|
12.0 (2018) |
TLS |
Starting from Intel CSME 15.0 firmware for desktops, and Intel CSME 16.0 firmware for all platforms, Intel has removed support for TLS 1.1. |
|
15.0/16.0 |
WS-Management |
IPS_IdentityProtectionTechnologyService was included only in Release 6.0. |
|
6.1 (2010) |
WS-Management |
AMT_HeuristicsPacketFilterSettings support is deprecated as part of heuristic policies deprecation. |
10.0 (2014) |
12.0 (2018) |
WS-Management |
AMT_HeuristicsPacketFilterStatistics support is deprecated as part of heuristic policies deprecation. |
10.0 (2014) |
12.0 (2018) |
WS-Management |
AMT_HeuristicsPacketFilterInterfacePolicy support is deprecated as part of heuristic policies deprecation. |
10.0 (2014) |
12.0 (2018) |
Redirection Library |
The CA_File parameter in the SECURITY section of the redirection library ini file is deprecated in favor of the IMR_SetCertificateInfo() library function. See the .ini file documentation. |
|
2.0 (2006) |
Host Interface support functions |
CFG_StartConfiguration deprecated in favor of CFG_StartConfigurationEx |
6.0 (2010) |
9.0 (2013) |
Host Interface support functions |
CFG_GetAMTSetupAuditRecord deprecated in favor of CFG_GetMESetupAuditRecord. |
6.0 (2010) |
9.0 (2013) |
Host Interface support functions |
CFG_GetRngSeedStatus deprecated due to built-in hardware mechanism |
3.0 (2008) |
9.0 (2013) |
Host Interface support functions |
CFG_GenerateRngSeed deprecated due to built-in hardware mechanism. |
3.0 (2008) |
6.0 (2010) |
Setup and configuration |
TLS–PSK setup and configuration method deprecated |
7.0 (2011) |
11.0 (2015) |
SHA1 Root Certificates and RSA Key Sizes Smaller than 2048 Bits |
In Intel ME 11.0 the default SHA1 certificate hashes were removed from the firmware. Hashes could still be added in manufacturing, or through the MEBX or WS-MAN commands. Starting from Intel ME 15.0 firmware for desktops, and Intel ME 16.0 firmware for all platforms, Intel is removing support of SHA1 root certificates and RSA key sizes smaller than 2048 bits for Intel AMT provisioning. In those releases and later, it is no longer possible to add SHA1 hashes. |
Document update: 2020 | |
Small Medium Business Mode (SMB) |
SMB mode was removed starting from Release 6.0. See Intel AMT MEBX Setup Types. |
|
6.0 (2010) Document update: 2021 |
See Also: |
Copyright © 2006-2022, Intel Corporation. All rights reserved. |