With Intel AMT platforms operating outside the enterprise firewall and the MPS operating inside the firewall, the firewall must be configured to allow traffic to flow between the Intel AMT platforms and the MPS. Further, the MPS may be in a DMZ, with another firewall between it and the Management Consoles.
Depending on installation policy, the external firewall must be configured to allow packets addressed to the incoming port and to the outgoing ports to cross the firewall.
Outgoing Ports
Intel AMT accepts the following ports:
|
Port |
Use |
|
16992 |
SOAP over TCP |
|
16993 |
SOAP over TLS |
|
16994 |
Redirection over TCP |
|
16995 |
Redirection over TLS |
|
623 |
DASH over TCP |
|
664 |
DASH over TLS |
Incoming Ports
Intel AMT platforms access the MPS using the port defined when the platform was configured (see MPS Configuration Parameters).
Apache as the Inner Firewall
The Apache server, used as a proxy server, filters incoming and outgoing packets in flows between Intel AMT platforms and Management Consoles. The consoles determine their own ports for each session they manage. The outgoing ports are the standard ones listed above. The Apache configuration contains an AllowCONNECT statement that lists the Intel AMT ports that Apache will accept. See Proxy Server Configuration.
|
Copyright © 2006-2022, Intel Corporation. All rights reserved. |