Detailed Description

Intel AMT devices on mobile platforms typically operate in two distinct network environments: Enterprise networks and Non-Enterprise networks such as public hot-spots or home networks.

The Environment Detection feature is used to discover which type of network the computer is operating in so that the following policies and protocols can be set accordingly:

   Network Connectivity Protocols: When an Intel AMT system is connected to a Non-Enterprise network, either the Remote Access feature or the Host VPN must be used to connect to a management console operating within the Enterprise network.

   System Defense Policies: Different network environments require different settings in the System Defense Policies.

To enable the Intel AMT to detect the network environment it is currently operating in, the ISV application must specify a set of “rules” to assist in the detection. The following rule sets are available for Intel AMT:

   Local DNS Suffix, provided by DHCP server (DHCPv4 option 15 and DHCPv6 option 24). The ISV application configures a set of domain strings used by the Enterprise. For example, if the enterprise uses the domains  a.com and b.com, the ISV application should specify these domains strings for environment detection. The suffix list configured by this command must include the Enterprise domain suffixes for ALL local host connections, including VPN connections and all direct network connections (wired or wireless).

   IPv6 network prefixes: Specify the IPv6 network used in the enterprise IPv6 network. For example, if the router is advertising the prefix 5555::/64, the ISV application should specify this prefix as a rule.

 Note:

   Mis-configuration of the local domain suffix list (e.g. a suffix is missing from the list) may break connectivity with Intel AMT.

   Environment detection does not take place when Intel AMT is configured for Static IP mode.

 

See Also:

   Utilizing the Host VPN

 

Copyright © 2006-2022, Intel Corporation. All rights reserved.