Intel® vPro™ and Intel® Centrino® Pro Processor Technology Quick Start Guide

While these agents are running you can monitor any other service on the client machine using the LSM service monitoring tool. These agents and their descriptions are defined in AGENTPRESENCE.XML which is sent down to the Intel AMT non-volatile memory (NVM) storage area on the client Intel AMT machine and subsequently read by the LANDesk agent to determine what it should monitor.

Once AP starts on the client (default startup time is 6 minutes after the client is powered on), if the COLLECTOR.EXE process is killed or the LANDesk Management Agent service is stopped, an AP alert is generated. AP start and stop alerts are displayed in the LSM log, not the Intel AMT Event Log.

Note: If the COLLECTOR.EXE process is killed, restart it by running RESTARTMON.EXE, which is located in the LDCLIENT folder on the client system.

LANDesk Management Suite 8.8 has the ability to have Agent Presence trigger a System Defense policy to isolate the client system from the network. This can be done by creating an Intel AMT Agent Presence alert in the LSM console (under the Core Ruleset) with the action of “Place in the Intel AMT Remediation Queue.” With this alert rule in place, if a monitored process on the client is stopped, an Agent Presence alert is generated by Intel AMT and sent to the LANDesk core server. The core server will then issue a System Defense policy to the client that will stop all network traffic except for LANDesk management traffic, Intel AMT traffic, DNS traffic, and DHCP traffic, thus isolating the client system from the network except for system management functions.

Using LANDesk* Out-of-Band Monitor (AMTMON) Features:

LANDesk 8.8 has the ability to disable the network on the client at the OS level. This is not done through the System Defense feature, but rather through LANDesk agents and communication via the Intel AMT non-volatile memory (NVM) area. When you select to disable or enable the network on that client, a flag is set in NVM on the client, which is monitored by the service LANDesk* Out-of-Band Monitor (AMTMON.EXE). The AMTMON service disables or enables the network on the client based on the value of the flag in NVM. AMTMON can also run a vulnerability scan on the client at the next restart, if that flag is set. A message dialog is displayed on the client system whenever these three operations are performed.

Note: Do not ping the Intel AMT client to test if the network is disabled,; Intel AMT will still respond to pings.

System Defense (SD):

System Defense (SD) does not require any agents to be installed on the Intel AMT client machine. System Defense policies may be configured on a per-machine basis.

There are four pre-defined SD policies:

An FTP access policy which will trigger SD if an FTP access is made either to or from the Intel AMT client machine.

30

Page 29 Page 31
Page 30
Image 30
Intel Centrino Pro, vPro quick start Using LANDesk* Out-of-Band Monitor Amtmon Features
Page 29 Page 31

Centrino Pro, vPro specifications

Intel vPro and Centrino Pro are advanced technologies designed to enhance business computing environments, providing a blend of performance, security, and manageability. These technologies are specifically aimed at IT professionals and organizations looking to streamline their operations and protect sensitive data.

Intel vPro technology is built for today’s enterprise needs, incorporating a set of hardware and software features that allow for advanced security, remote management, and increased performance. One of the core features of Intel vPro is its Hardware Shield, which provides security at the firmware level, helping to protect against threats before they even reach the operating system. This feature enhances the overall security posture of devices while enabling IT departments to respond more effectively to potential threats.

Another prominent aspect of Intel vPro is its remote management capabilities, which include Intel Active Management Technology (AMT). AMT allows IT administrators to manage devices even when they are powered off or have a corrupted operating system. This capability significantly reduces downtime and improves productivity, as IT support can troubleshoot and resolve issues remotely without needing physical access to the machine.

Centrino Pro, on the other hand, focuses on delivering performance and power efficiency for mobile computing. It integrates Wi-Fi capabilities with advanced security features, enabling users to stay connected securely while on the move. Centrino Pro technology includes Intel's power management capabilities, which optimize battery life and enhance the performance of mobile devices.

The combination of Intel vPro and Centrino Pro offers features like Intel Trusted Execution Technology (TXT), which helps to protect virtual machines and sensitive data from attacks. Additionally, these technologies support enhanced multitasking capabilities, powered by Intel's robust processors, ensuring that business applications run smoothly and efficiently.

Both Intel vPro and Centrino Pro are designed with scalability in mind, allowing organizations to easily deploy and manage multiple devices across various locations. This scalability is an essential characteristic for businesses that require flexibility in their IT infrastructure without compromising performance or security.

In summary, Intel vPro and Centrino Pro represent a powerful suite of technologies tailored for enterprise environments. With features focused on security, remote management, and efficient mobile computing, they help organizations optimize their IT strategies and foster a secure and productive workplace.
Top Page Image Contents