Functionality to Realm Mapping
|
|
|
Starting with Release 6.1, all realms that were accessible only remotely are now also accessible locally. See Realm Names and Realm Shortcuts for a list of WS-Management realm names mapped to the realm names in this table. |
Note:
|
Functionality |
Realm |
Function |
Local |
Remote |
|
Security Administration |
PTAdministrationRealm |
Manages security control data, such as Access Control Lists, Kerberos parameters, and Transport Layer Security. This permission is required for both user creation and management mechanism. |
− |
√ |
|
Power Settings |
PTAdministrationRealm |
Manages power saving options and power packages. |
− |
√ |
|
Provisioning |
PTAdministrationRealm |
Performs the functions required for Intel AMT setup and configuration. |
− |
√ |
|
Network Administration |
PTAdministrationRealm |
Configures local network options. These are usually configured with a DHCP server, but can be configured directly using this interface. |
− |
√ |
|
NetworkTimeRealm |
Used to set the clock in the Intel AMT device and synchronize it to network time. Can be assigned to a separate user who has limited administrative privileges. |
− |
√ | |
|
Hardware Asset |
HardwareAssetRealm |
Used to retrieve information about the hardware inventory of the platform. |
− |
√ |
|
Remote Control |
RemoteControlRealm |
Enables powering a platform up or down remotely. Used in conjunction with the Redirection capability to boot remotely. |
− |
√ |
|
Event Manager and User Notification |
EventManagerRealm |
Allows configuring hardware and software events to generate alerts and to send them to a remote console and/or log them locally. |
− |
√ |
|
LocalUN |
Provides alerts to a user on the local interface. Used by User Notification Service to communicate with Intel AMT. |
√ |
− | |
|
EventLogReaderRealm |
Controls access for reading the Intel AMT event log. |
√ |
√ | |
|
Storage |
StorageAdminRealm |
Used to configure the global parameters that govern the allocation and use of non-volatile storage. |
− |
√ |
|
StorageRealm |
Used to access, configure, manage, write to and read from non-volatile user storage. |
√ |
√ | |
|
Redirection |
RedirectionRealm |
Enables and disables the redirection capability and retrieves the redirection log. The redirection interface itself is a separate proprietary interface. |
− |
√ |
|
Agent Presence |
AgentPresenceLocal |
Used by an application designed to run on the local platform to report that it is running and to send heartbeats periodically. |
√ |
− |
|
AgentPresenceRemote |
Used to register Local Agent applications and to specify the behavior of Intel AMT when an application is running or stops running unexpectedly. |
− |
√ | |
|
System Defense and Heuristics |
CircuitBreakerRealm |
Used to define filters, counters, and policies to monitor incoming and outgoing network traffic and to block traffic when a suspicious condition is detected. |
− |
√ |
|
General Info |
GeneralInfoRealm |
Returns general setting and status information. With this interface, it is possible to give a user permission to read parameters related to other interfaces without giving permission to change the parameters. |
√ |
√ |
|
Firmware |
FirmwareUpdateRealm |
Used only by OEMs via Intel-supplied tools to update the Intel AMT firmware. These functions are not for general ISV use. |
√ |
− |
|
Endpoint Access Control |
EndpointAccessControl |
Returns settings associated with NAC/NAP posture. |
√ |
− |
|
EndpointAccessControl |
Configures and enables the NAC/NAP posture. Note: Beginning in Intel AMT Release 9.0 NAC is no longer supported. |
− |
√ | |
|
AuditLogRealm |
Configures the Audit Log. |
− |
√ | |
|
User Access Control |
UserAccessControlRealm |
Users can control the properties of their own ACL entries. |
√ |
√ |
|
Remote Connectivity |
RcsRealm |
Reserved for Remote Connectivity provisioning mode |
− |
√ |
|
Copyright © 2006-2022, Intel Corporation. All rights reserved. |