The need for remote PC management has always been an issue that only increases with the size of your business. Intel wants vPro to be your perfect, OS-independent hardware-level management solution.
I am the author of Intel AMT Command and Intel AMT Director, two of the tools mentioned in this piece. In my own labs here in Oregon, I can often get people to go WOW at my demos of Intel AMT, it's certainly fun stuff.
The piece is exactly correct that Intel AMT Commander is a developer tool. Don't try to get Intel support for it. Still, if anyone happens to own a vPro or Centrino Pro computer and just wants to play around, The tools are freely available as part of the Intel AMT DTK located here:
I own a vPro computer at home and it's certainly cool to have a built-in web site in your computer that can be accessed even if the computer is in soft-off but I also manage to perform cool tricks. In my most famous trick, I use Intel AMT to VNC into a computer that has all it's network drivers disabled. I then use the VNC session to re-enable the network drivers and all this, using only the Ethernet port!
I am the author of Intel AMT Command and Intel AMT Director, two of the tools mentioned in this piece. In my own labs here in Oregon, I can often get people to go WOW at my demos of Intel AMT, it's certainly fun stuff.
The piece is exactly correct that Intel AMT Commander is a developer tool. Don't try to get Intel support for it. Still, if anyone happens to own a vPro or Centrino Pro computer and just wants to play around, The tools are freely available as part of the Intel AMT DTK located here:
I own a vPro computer at home and it's certainly cool to have a built-in web site in your computer that can be accessed even if the computer is in soft-off but I also manage to perform cool tricks. In my most famous trick, I use Intel AMT to VNC into a computer that has all it's network drivers disabled. I then use the VNC session to re-enable the network drivers and all this, using only the Ethernet port!
Ylian
Ylian, first of all, this does indeed look like a very interresting set of tools. I was about to ask if the tools had an implementation in .NET (I am a hobbyist programmer, and .NET makes life much simpler ) , and low an behold .NET v2.0 is plastered all over the first paragraph on Intels AMT page
Anyhow, I think some clarification is needed. In the article it says that p965 or q965 chipsets are required, then goes on to mention that said processors must have Intels version of VT enabled. Maybe I am not seeing the big picture here, but as far as I know VT (Virtualization Technology) is for something completely different, such as running HVM mode using Virtualization software (The ability to run 32 bit domains under a 64 bit Hypervisor, run a windows DomU from a *NIX Dom0, etc.). Is this 'software' in fact a Virtual Machine ?
Anyhow, not to toss the competition in any ones face here, but AMDs VT (AMD-V, Pacifica, whatever you want to call it . . .) does not require having a BIOS that supports their own implementation of VT, and I was rather hoping Intel would do the same thing. After reading that this technology requires a certain chipset, I have to assume that Intel VT will continue to nessesitate a BIOS implementation as well, which is not what I hoping for. Now, in case anyone is wondering if I watch the Virtualization scene fairly close, yes, I do . . .
Now I also understand that Intel does not officially support this software, but I think for it to be taken seriously, there should be at least a hardware list of compatable motherboards/CPUs, and perhaps a Forum for followers ( I missed it on your blog page ? ). This is not to say I am bashing you, or Intel, quite the contrary actualy, I see a lot of potential here, and forsee your employer fully embracing this technology some day.
Your absolutely correct about VT not being required. VT and Virtual Appliance are both features of vPro, but they have little to do with Intel AMT. You can use Intel AMT with VT turned off and so, the article should really be corrected. Intel AMT does not run visualized.
Intel AMT runs on it's own little processor on the computer's north-bridge. We call is the "Management Engine", it does require that RAM be installed in the first bank and steals a little RAM away from the OS. Otherwise, in theory it could run without a processor being installed. Intel AMT is software running on the Management Engine that is located in the firmware along with the BIOS. We also put hardware network filters in the NIC to steal TCP ports 16992 to 16994 and route them to Intel AMT. As a result, connections to these ports on Intel AMT computers will never be seen by the OS.
It's too bad the article does not talk about the technical details of Intel AMT. Many enthusiasts would really have a great time learning about the details.
As for the list of supported motherboards, my tools should support all motherboards that support Intel AMT. At which point, it's like any other feature on motherboards, you have to look for it. For system integrators, the vPro sticker required Intel AMT to be present.
Yes, the Intel AMT DTK is all built in C#, I also have some source code available for people to play around with and built there own tools & applications. As for my employer, it fully supports Intel AMT but it may take a few more months for them to come around to support my tool set.
I have been aware of VPro for a while now and when I saw this article I was hoping I'd see in the review some of the tools you can use to manage the PC, I was surprised that only the Intel developer centric tools were the only ones mentioned.
I am a network administrator and I have to say this is OK technology but it isn't that important in real life day to day admin work. The last company I worked for used lots of Dell and I took the time to set up their tool set which if memory serves was called OpenManage. I casually used it from time to time but would not consider it indispensible and really wouldn't consider anything like that or VPro to be a make or break feature for me. Even in the server world I tend to not use this kind of stuff - I can use VNC or Remote Desktop or a variety of IP KVM's like Raritan or ATEN to accomplish many remote tasks - if something is really screwed it usually requires a visit to the box anyway! I have several HP servers that have what I think they call ILO in them and it does much of this kind of junk... I have never bothered to use it.
I think you are right on, if all of this management technology is going to be complicated to setup and run, why bother. I would agree with you that some of the software I have seen, including Intel's own Setup and Configuration Server (SCS) is very difficult to setup and use. You need training on it and lots of patience.
Hopefully Intel AMT Commander and Intel AMT Director will show how it's possible to build click & run software that makes use of Intel AMT without brain surgery. You probably are a great candidate for usage studies at Intel, we could learn lots from people that use this stuff. What hardware and software features would it take for it to be really useful for you? As developers, we may sometimes just build this stuff and lose track of the real users.
Yes, the Intel AMT DTK is all built in C#, I also have some source code available for people to play around with and built there own tools & applications.
Sounds great, unfortunately for me however, both of my latest systems are based on 'the competitions' platform, I have been wanting to move to C2D though . . .
Other problems abound as well, such as: so far, only non enthusiast boards/ systems support AMT, and since I am first a gamer/enthusiast (gaming is why I first got serious into computer years ago), this is a big minus for AMT. Also, knowing what parts you need for doing exactly whatever it is you want to do, seeems to be daunting( keep in mind I know PC hardware very well, as well as most interresting technology ).
Now, that being said, the following is not meant to hurt feelings, but if it boiled down to buying hardware just for AMT, I personally would never do this. However, if in the future, the technology becomes more standarized, and more common, I would give it some serious consideration. MSI does make some very decent Intel based motherboards, so the one reviewed, I would have zero problems buying, if it were more reliable concerning AMT, and offered a bit more jazz in the enthusiast arena (but it is very similar to the motherboard I have in my most current system, minus very good overclocking features; stability I can not speak of, since I do not have one of these MSI boards . . .).
So . . . for now, I am stuck without AMT with my current platform, but after watching a couple of videos last night on AMT, my curiosity is deffinately peaked. The ability to boot from a remote image file ( without using PXE?! ) is enough to keep even the most nerdy of us busy for a long, long time to come.
What hardware and software features would it take for it to be really useful for you? As developers, we may sometimes just build this stuff and lose track of the real users.
Well, this comment was not directed at me, but I'll give you some food for thought. Also, keep in mind I am not a system administrator in any sort of data center, etc.
1) The ability to hard power on a machine remotely (unless I'm mistaken, I think this is already covered). Remote desktop is fun, and handy, but it will not do this
2) The ability to send remote debugging messeges (Said machine BSoD's, or Locked up in *NIX? Email me a messege giving me a memory dump, and/or other usefull info)
3) The ability to lock out all remote communications (aimed at AMT), except for a given range, or single address (is this covered already?) Something similar to ALLOW/DENY lists in *NIX would work well I think.
I will have to read up on vPro/AMT, and see what all is possible, and perhaps I will come up with some more ideas
1. is covered by Intel AMT. It's probably the easiest yet, most used Intel AMT feature. Secure power up, power down, soft and hard reset.
2. Intel AMT can send out SNMP Traps alerts for all kinds of things... reboots, case intrusion, etc. You just have to subscribe to get them. There is also a feature to monitor running applications and send a message back if the application stops (or computer freezes). It's called the watchdog feature.
3. At Intel, we prefered locking out people based on TLS certificate rather than IP address range, it's a lot more secure. You can also create a few accouts in Intel AMT with restricted privilages (say, a monitoring only account).
One thing I keep in mind with all this is that, even with an impressive set of feature, if the software is difficult to use, it's no good. This reminds me, I think it's annoying that Intel AMT can't remotely read fan speeds. Something that big servers can do. Otherwise, Intel AMT can generally do more than most management solutions.
By the way, we have a idea contest going on for Intel AMT on the Intel web site: http://softwarecommunity.intel.com [...] fault.aspx. If you have a good idea around Intel AMT and using it for something cool, it's probably one of the easiest contest to win ever.
Just noticed that you posted two mails. On the first one regarding gamer/enthusiast and Intel AMT, it's a great comment. Generally, Intel like others have "extreme edition" gear with no compromises. I think it would be great to have Intel AMT in such boards, especially since it's probably there anyway and "fused off" depending on the chipset you get.
I have an Intel "BadAxe" board as my main dev machine and it's exactly the type of board you would expect a gamer to use... except that it's the older Intel AMT 1.0 that was short lived and I don't recommend you get anything less than Intel AMT 2.0, which is the current version. Centrino Pro laptops will have AMT 2.5, but it's the same as 2.0 with wireless added. I think BadAxe II is coming out at some point, but I don't know any specs.
In any case, I should hope our high-end Intel chip sets will have Intel AMT support, it would certainty be really cool.
wow i dont get why you got voted 1 star on this new thread
who gave pschmid a 1 star vote and why?
Probably because the article had a bit is mis-information in it, but who knows for sure. Most of the article as far as I can tell was correct, but the part concerning VT being for vPro/AMT is incorrect as far as I know.
Anyhow, most of the people this article would interrest, would probably know this already.
One thing I keep in mind with all this is that, even with an impressive set of feature, if the software is difficult to use, it's no good. This reminds me, I think it's annoying that Intel AMT can't remotely read fan speeds. Something that big servers can do. Otherwise, Intel AMT can generally do more than most management solutions.
The contest looks good, but unfortunately is too far along to partiipate, and get a fair shake at the grand prize. Its all good though . . .
As far as remote fan speed readings, it would not be that hard to implement a .NET WMI performance counter service(I have actually done this myself for fun), then it is up to the actual motherboard, and if it has well implemented fan sensors or not.
My experiences on SNMP have left a bad taste in my mouth concerning the technology. From what I have experienced, not everything, supports everything, but if an AMT based motherboard handles all the appropriate 'subscriptions', this would probably be a moot point. The other aspect I do not like about SNMP, is the administration software availible ( free software that is ), it is seemingly bloated, and requires other software to work. I think it would be awesome if someone made a standalone implementation, that did not require you the user to use other OSS software.
Do not get me wrong, I do like OSS somewhat, but when you are forced to use 2-3 different softwares, plus Cygwin if you are using Windows, this only leads to possible instabilities, and a less secure machine. Anyhow, I think I have beat this horse a little too much . . .
Ylian, heh, I am seeing huge potential for 'remote PC repair here', as in: someone calls me, tells me their computer has a problem, I connect to it remotely, have it boot say a WinXP CD (yeah, a fast broadband connection would be needed, and I could boot the CD into repair mode, fix the problem, and they would hopefully have a working system again after I am done.
There is however, a caveat here: you guys havent implemented a payment plan 'service' for systems repair shops !!! LOL, yeah, I know . . . was fun to dream about it for a second
