Intel Embedded and Communications Group
Technology For
Embedded Systems
INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL’S TERMS AND CONDITIONS OF SALE FOR SUCH
PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL® PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. INTEL PRODUCTS ARE NOT INTENDED FOR USE IN MEDICAL, LIFE SAVING, OR LIFE SUSTAINING APPLICATIONS.
Intel may make changes to specifications and product descriptions at any time, without notice.
All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.
Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.
Performance tests and ratings are measured using specific computer systems and/or components and reflect the approximate performance of Intel products as measured by those tests. Any difference in system hardware or software design or configuration may affect actual performance.
Intel, Intel Core, vPro and the Intel logo are trademarks of Intel Corporation in the United States and other countries.
*Other names and brands may be claimed as the property of others. Copyright © 2009 Intel Corporation.
Agenda
Part 1: Introduction
- What is Intel® Active Management Technology (Intel® AMT)?
- Usage Models for Intel AMT
  - Industrial
  - Retail
  - Gaming
  - Military/Aerospace/Government
  - Medical
  - Telecommunication
- Intel AMT Roadmap
Part 2: Architecture
- Hardware, Firmware, Software Overview
- Software Development Kit (SDK)
- Developer Tool Kit (DTK)
Part 3: Implementation
- Key Ingredients
- Provisioning – Setup And Configuration
What is Intel® Active Management Technology (Intel® AMT)?
Hardware-based solution that enables:
- Software and hardware inventory capabilities
- Remote asset management
- Out-of-Band (OOB) system management
- Functions independent of system’s power state
- Hardware-based security features including system defense network isolation
- Power management features
- Remote diagnosis and repair
- Third-Party non-volatile storage
Remotely discover, heal and protect networked embedded systems
Intel® AMT Usage Model: Industrial
Problem:
• Real-time asset tracking (hardware and software) is expensive and time consuming
• Devices are varied and built on different platforms:
  ‒ Factory robots
  ‒ Human Machine Interface (HMI) systems
  ‒ Test and measurement systems
  ‒ Industrial PCs
  ‒ Automation and control systems
Intel AMT Solution:
• OOB management enables remote asset tracking irrespective of system power state
• Third-party non-volatile memory stores information that can be accessed offline
• Independent of platform and operating system
• “iAMT Scan” tool identifies Intel AMT capable systems and is available
(Diagram) Hardware and Software Inventory: accurately track assets regardless of power state
1. Management console polls embedded systems (factory robots, HMI, industrial PC, test systems) over the network for hardware ID and software version information
2. Systems report asset details: HARDWARE (Hard drive: make, model; Memory: size, speed; CPU: type, GHz); SOFTWARE (Virus software: version; Management software: version; OS: version)
Perform faster audits and optimize maintenance and licensing configurations
Intel® AMT Usage Model: Retail
Problem:
• Software/OS failure at point of sale (POS) terminal
Intel AMT Solution:
• Software tools for remote diagnosis and repair
• OOB remote management in case of system OS crash
• Proactive alerting reduces system downtime by speeding diagnostics
• Serial over LAN (SOL) capabilities can be used to redirect text and keyboard information
• IDE-redirection helps in booting a remote system using a CD in local CD-ROM on management console
(Diagram) Remote Diagnostics and Repair (ATM, kiosks, POS and management console): reduce downtime and technician time
1. System is unable to boot
2. System sends an alert
3. System is remotely rebooted from standard image on management server
4. Console diagnoses problem and repairs (remote software update, local hardware install)
Estimated Cost Savings* with Intel® AMT
Retail Scenario:
- 20,000 kiosks
- Assume 50% of kiosks need rebooting at least 1x each year
- Estimate $100 per truck roll to reboot kiosk
If the kiosks are equipped with Intel AMT:
- Reboot remotely, irrespective of power state or OS status
- Save $100 per truck roll
10,000 reboots = $1 million savings/year*
Intel® AMT Usage Scenario: Gaming
Problem:
• Hardware failure at one of the gaming terminals
Intel AMT Solution:
• Event monitor sends alert and enables remote troubleshooting
• Remote OOB access as long as the hardware is connected to a power supply and LAN
• Obtain hardware inventory data stored in non-volatile memory
• Diagnose the problem to prepare for on-site repairs
(Diagram) Remote Hardware Troubleshooting and Local Repair (slot, poker and lottery machines; management console): reduce on-site visits and system downtime with remote diagnosis and hardware info acquisition
1. Failed hardware event received at management console, engineer alerted
2. Remote diagnosis performed by analyzing event logs and boot history
3. Hardware asset/inventory enables remote identification of failed component(s), provides make/model info for replacement
4. Technician and hardware dispatched; platform repaired
Intel® AMT Usage Scenario: Military, Aerospace and Government
Problem:
• Secure management
• 24x7 protection of resources
Intel AMT Solution:
• System defense feature confirms presence of critical security agents and isolates infected systems
• Event logging describes system behavior
• OS independent feature makes the system immune to OS configuration issues
• End-point access control (EAC) feature provides compliance with various network security protocols
• Tamper-resistant agents
(Diagram) Block Harmful Viruses and Isolate Affected Devices (COTS product, embedded PC, security devices; management console): proactive security threat block, hardware-based isolation and recovery
1. System defense capability scans incoming traffic for known viruses and worms
2. When virus is found, system defense capability alerts, isolates the infected system from the network or limits its transmission rate
3. System sends alert
4. Management system recognizes when security agents or management features were disabled and alerts staff
5. Management system installs updates and patches
No user intervention required to prevent the spread of viruses and worms across the network
Intel® AMT Usage Scenario: Medical
Problem:
• Power management needed for systems when not in use:
  - MRI - X-Ray - Ultrasound - Diagnostic
  - Medical Clinical Assistants - Therapy systems
• Systems must be kept up to date
Intel AMT Solution:
• Mobile power management policies balance power and performance to ACPI specs
• Power state monitoring of clients – graph of results helps identify most active periods
• Alarm clock enables scheduled client wake up from any sleep state (or turn OFF); network connection not required
• Local agents can perform scheduled tasks including software updates, information stored in non-volatile memory
(Diagram) Increased Energy Efficiency (MRI, X-Ray, portable ultrasound, testing, diagnostic, medical clinical assistant; management console running an Enterprise Energy Management Agent): improve productivity and compliance by scheduling tasks for off hours
1. IT console sets energy management policy with agent
2. System can be reliably activated for maintenance via secure management channel
3. System powered down when inactive, based on policy
4. Energy management agent protected via agent presence monitor
Save energy costs with power management policy software and Intel® AMT
Intel® AMT Usage Scenario: Telecommunication
Problem:
• Virus-infected carrier board may infect other boards in the network
Intel AMT Solution:
• Intel AMT continuously checks for the presence of management agent and policy-based security agents on remote devices and takes necessary steps in case of a missing agent
• System defense feature can be used to block packet traffic through a network security policy
• Audit logs and agent monitor allow for easy interaction of network security policy, heuristics filters and system defense features of Intel AMT
(Diagram) Agent Presence Checking (carrier boards, telecommunication devices; management console): detect and contain viruses sooner to limit exposure of other systems
1. Management or security agent is continuously checking in with Intel® AMT (Agent Present? YES/NO, tracked separately for the security agent and the management agent)
2. Management agent fails to check in
3. Remote device alerts that management agent is missing or non-functioning
4. Management console repairs non-working management agent
Keeps agent operating correctly
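The agent presence check above is a heartbeat-and-timeout watchdog: each monitored agent must check in within its policy's timeout, otherwise the firmware records a missing-agent event and fires the policy action. The following Python simulation is an added example, not Intel code and not the Intel AMT firmware or SDK API; the agent names, timeouts, policy actions and the heartbeat timeline are all constructed, and the "isolate-network" action is only a label for what a policy could do.

```python
"""Agent-presence watchdog simulation (added example, not Intel code).

Models the pattern behind the "Agent Presence Checking" diagram: agents
register with a timeout, send heartbeats, and the watchdog reports when an
agent has gone silent longer than its policy allows, then when it returns.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class AgentPolicy:
    name: str
    timeout_s: float   # maximum silence before the agent is declared missing
    action: str        # constructed label for the policy action taken on a miss


@dataclass
class AgentState:
    last_heartbeat: float
    missing: bool = False


class PresenceWatchdog:
    def __init__(self, policies: List[AgentPolicy], now: float) -> None:
        self.policies: Dict[str, AgentPolicy] = {p.name: p for p in policies}
        self.state: Dict[str, AgentState] = {p.name: AgentState(now) for p in policies}
        self.events: List[Tuple[float, str, str]] = []   # (time, agent, event)

    def heartbeat(self, name: str, now: float) -> None:
        """An agent checked in; clear a missing flag if one was set."""
        st = self.state[name]
        if st.missing:
            self.events.append((now, name, "AGENT_RESTORED"))
        st.last_heartbeat = now
        st.missing = False

    def check(self, now: float) -> List[Tuple[str, str]]:
        """Evaluate every policy at time `now`; return the actions fired this round."""
        fired = []
        for name, pol in self.policies.items():
            st = self.state[name]
            if not st.missing and now - st.last_heartbeat > pol.timeout_s:
                st.missing = True                      # fire once, not on every tick
                self.events.append((now, name, "AGENT_MISSING"))
                fired.append((name, pol.action))
        return fired


def run_timeline():
    """Constructed timeline: the security agent stops checking in after t=10 and
    returns at t=45; the management agent stays healthy throughout."""
    policies = [AgentPolicy("mgmt-agent", 30.0, "alert-console"),
                AgentPolicy("security-agent", 20.0, "isolate-network")]
    wd = PresenceWatchdog(policies, now=0)
    heartbeats = [(5, "mgmt-agent"), (10, "security-agent"), (15, "mgmt-agent"),
                  (25, "mgmt-agent"), (35, "mgmt-agent"), (45, "security-agent")]
    actions = []
    for t in range(0, 55, 5):                      # watchdog tick every 5 s
        for when, name in heartbeats:
            if when == t:
                wd.heartbeat(name, t)
        actions.extend((t, a) for a in wd.check(t))
    return wd.events, actions


if __name__ == "__main__":
    for line in run_timeline():
        print(line)
```

The `missing` flag makes each miss a single event rather than an alert on every tick, which is what a console expects when it correlates the alert with the later repair.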
Intel® AMT Base Features
Asset Management and OOB Features:
• Remote Inventory (Hardware/Software)
• 3rd party Data Storage
• Access Log (Event Management)
• System Defense
  ‒ Network Outbreak Containment
  ‒ Base Heuristics
• Agent Presence
• Remote Configuration
• BIOS POST Code
• BIOS Update
• IDE-Redirection (IDE-R)
• Serial Over LAN (SOL)
• Legacy Sensors
Security:
• Transport layer security for secure communications across OOB interface
• Certificate authority issues digital certificates for each device before provisioning
• HTTP digest authentication for remote access
• Single point of administration in enterprise mode
• System defense to isolate from network, yet allows management console connectivity
• Pseudo-random number generator in firmware to generate session keys
• Firmware and drivers digitally signed by Intel
• Access controlled non-volatile data store and functionality
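HTTP digest authentication, listed above for remote access, never sends the password: the server issues a nonce, the client answers with an MD5 over the credentials, nonce, nonce count and request, and the server recomputes it from a stored hash. The exchange below is an added example, not Intel code and not the Intel AMT SDK API; realm, user name, password, URI and nonce-count values are constructed, and the check against the RFC 2617 worked example is included so the computation can be confirmed independently of these constructed values.

```python
"""HTTP Digest authentication, both sides (added example, not Intel code).

Implements the RFC 2617 qop="auth" computation, a server that stores HA1
rather than the password, and a nonce-count check that rejects a replayed
Authorization header.
"""
import hashlib
import secrets


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def ha1(user: str, realm: str, password: str) -> str:
    return md5_hex(f"{user}:{realm}:{password}")


def digest_response(ha1_value, method, uri, nonce, nc, cnonce, qop="auth"):
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_value}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


class DigestServer:
    def __init__(self, realm: str, users: dict) -> None:
        self.realm = realm
        # Only HA1 is kept; the plaintext password is never stored server-side.
        self.ha1_by_user = {u: ha1(u, realm, pw) for u, pw in users.items()}
        self.nonces = {}   # nonce -> highest nonce-count accepted so far

    def challenge(self) -> dict:
        nonce = secrets.token_hex(16)
        self.nonces[nonce] = 0
        return {"realm": self.realm, "nonce": nonce, "qop": "auth"}

    def verify(self, method: str, auth: dict):
        nonce = auth["nonce"]
        if nonce not in self.nonces:
            return False, "unknown or expired nonce"
        nc = int(auth["nc"], 16)
        if nc <= self.nonces[nonce]:
            return False, "nonce count reused (replay)"
        stored = self.ha1_by_user.get(auth["username"])
        if stored is None:
            return False, "unknown user"
        expected = digest_response(stored, method, auth["uri"], nonce,
                                   auth["nc"], auth["cnonce"])
        if not secrets.compare_digest(expected, auth["response"]):
            return False, "bad credentials"
        self.nonces[nonce] = nc      # advance only after a successful check
        return True, "ok"


def client_authorize(user, password, method, uri, chal, nc, cnonce) -> dict:
    """Build the Authorization fields a client sends for a challenge `chal`."""
    resp = digest_response(ha1(user, chal["realm"], password), method, uri,
                           chal["nonce"], nc, cnonce)
    return {"username": user, "realm": chal["realm"], "nonce": chal["nonce"],
            "uri": uri, "qop": "auth", "nc": nc, "cnonce": cnonce, "response": resp}


def rfc2617_vector() -> str:
    """Worked example from RFC 2617 section 3.5; expected 6629fae49393a05397450978507c4ef1."""
    h = ha1("Mufasa", "testrealm@host.com", "Circle Of Life")
    return digest_response(h, "GET", "/dir/index.html",
                           "dcd98b7102dd2f0e8b11d0f600bfb0c093", "00000001", "0a4f113b")


def demo():
    """Constructed realm/user/password; returns (first, replay, wrong-password) results."""
    server = DigestServer("Digest:example-realm", {"admin": "constructed-password"})
    chal = server.challenge()
    good = client_authorize("admin", "constructed-password", "GET", "/index.htm",
                            chal, "00000001", "0a1b2c3d")
    first = server.verify("GET", good)
    replay = server.verify("GET", good)            # same nc -> rejected
    wrong = client_authorize("admin", "not-the-password", "GET", "/index.htm",
                             chal, "00000002", "0a1b2c3e")
    return first, replay, server.verify("GET", wrong)


if __name__ == "__main__":
    print(rfc2617_vector())
    print(demo())
```

The nonce-count check is what turns digest from a password-hiding scheme into one that also resists replay of a captured header; a server that accepts any `nc` for a live nonce loses that property.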
Intel® AMT Roadmap
Intel AMT 4.0 (Low Power Platform): Low Power Intel® Embedded Platform for 2008
Intel AMT 5.0 (Scalable Platform): Scalable Platform Based on Intel® Core™2 Duo Processor with Intel® vPro™ Technology
Roadmap features:
- Access Monitor
- Intel® Trusted Platform Module (TPM)
- Fast Call for Help (Wired)
- DASH 1.0
- EAC extensions for Microsoft* NAP* and Cisco* NAC
- Intel® Remote PC Assist Technology
OOB Architectural Overview
(Diagram) Management Console connected over the Local Area Network (LAN) to the embedded platform; OOB Communication and Control runs on Dedicated Power Rails (Always ON)
Intel® AMT Ingredients
(Diagram) Ethernet NIC, Non-Volatile Memory, Chipset, Processor (FSB), Operating System, Application
For more information refer to the Platform Design Guide
Intel® AMT 4.0 Hardware Architecture
• ME Controller built in the chipset is the Intel® Management Engine (ME) responsible for performing all Intel® AMT operations
• I/O Controller (South Bridge) is enabled with ME subsystem and provides power to various power wells when the rest of the power wells are shut down during sleep states
• Intel AMT enables OOB connectivity of LAN Controller and SPI through dedicated power rails (Always ON)
• NVM in FLASH
(Block diagram) Intel® Core™ 2 Duo Processor; Intel® 4 Series Express Chipset with ME (x4 DMI, C-Link 0, LVDS, CRT, TV-Out); ICH9 I/O controller with ME Subsystem, LAN and SPI; PCI Express* x1/GLCI LAN Connect (LCI) to Gigabit Ethernet LAN PHY; SPI Flash holding the NVM
Intel® AMT Firmware Overview
• Intel AMT FLASH memory is shared by Host, ME and LAN
• Intel Management Engine BIOS extension (MEBx) as implemented by an OEM platform provider enables Intel AMT
• Intel ME Firmware enables Intel AMT
• LAN Firmware GbE EEPROM provides Intel AMT network connectivity
• Minimum size ~ 32 Mb Flash
• Platform Data - 3rd Party Data Store support
• Descriptor has information on space allocated for each region on flash image, read-write permissions for each region, vendor specific data
• Dedicated power rail to FLASH device for OOB operation
(Diagram) SPI FLASH regions: BIOS/MEBx, ME FW, GbE EEPROM, Platform Data
Intel® AMT Software and Drivers
(Diagram) Server SW: ISV Console App, Console Foundations. Client SW/Drivers: ISV Agent App, System Status Service, UNS, LMS, SOL, Intel® ME Interface Driver
Intel® AMT Firmware Release kit available at Intel Download Center
• ISV Agent Applications:
  ‒ Console
  ‒ Agent UI
• System Status Service monitors Intel AMT status
• User Notification Service (UNS) listens to special events happening on the system as a direct result of Intel AMT execution and logs them in the Event Viewer of Microsoft Windows*
• Local Management Service (LMS) runs in the host OS to provide standard interface for network communication
• SOL driver: SOL communication
• Intel® ME Interface driver: software interface from the Host OS to the ME
Intel® AMT Software Development Kit (SDK)
• Enables developers to build manageability applications that take full advantage of Intel AMT and its features
• Includes full set of documentation, sample code and APIs needed for implementing Intel AMT
• Supports C++ and C# on Microsoft* Windows* and Linux* operating systems
• Delivered as set of directories that can be copied to a location of developer’s choice on the development system
Download the Intel AMT SDK FREE at Intel® Software Network
Intel® AMT SDK
• Intel AMT software supports SOL (text/keyboard) and IDER (floppy/CD) redirection
• Intel AMT SDK provides C interface for integration into third-party management consoles
• Intel AMT SDK for redirection includes:
  - Redirection library: a C dynamic library (for Windows*) and C static library (for Linux*) that provide support for SOL, IDE etc.
  - Management console sample code for Windows and Linux to demonstrate the redirection capability
  - Header files that define the library API to external applications
Intel® AMT Software Development Kit
1. Integrate the SOL and IDER functionality into third-party management console using the C dynamic library in the SDK and linking it to the software and platform
2. Use the sample code or the Windows* sample application to test the redirection capability
3. Provide information on security certificate to ensure secure session – example provided with the SDK
4. The client dialogue allows three groups of controls: TCP parameters, IDER and SOL
(Screenshots) 1. Intel® SDK Redirection Sample Console; 2. Add the remote client
Intel® AMT Developer Tool Kit (DTK)
(Diagram) Console Tool, Agent Tool, Setup & Configuration Tool, Network Monitor, Network Check Tool, Traffic Generation Tool
• Provides tools to assist with training and development process when implementing Intel AMT in embedded systems
• Installed on the server system that will run the management console
• Tools include but not limited to:
  - Intel AMT Commander
  - Intel AMT Outpost
  - Intel AMT Director
  - Intel AMT Network Defense Tool
  - Intel Net Status
  - Intel Net Traffic
Download the DTK and quickly build high quality Intel AMT Applications
Manageability Commander Tool:
- Hardware Asset
- Network Policies
- Watchdog Timers
- Third-party Storage
- Events/Alerts
- SOL/IDER
- Remote Management
Manageability Director Tool:
- Certificate Management
- One-Touch Setup
- Remote Configuration
- TLS Security Setup
- USB Flash Support
Manageability Outpost Tool:
- General Information
- Watchdogs
- Serial Agent
- TLS Security
Intel® AMT Web Interface
http://ipaddress:16992
Intel® AMT 4.0 Implementation
Low Power Platform Requirements
Hardware:
- Processor: Intel® Core™2 Duo Processor P8400, T9400 (PGA); Intel® Core™2 Duo Processor P8400, SL9380, SL9400, SU9300, SP9300, T9400 (BGA)
- Chipset: Mobile Intel® GM45 Express Chipset with Intel® 82801IEM I/O Controller; Mobile Intel® GS45 Express Chipset with Intel® 82801IUX-SFF I/O Controller
- LAN Controller: Intel® 82567LM Gigabit Ethernet PHY
Firmware:
- Intel AMT Firmware Kit (also includes Intel AMT drivers and BIOS extensions), from Intel Download Center
Software:
- Operating Systems
  • Management Server: Windows* XP Pro 32/64-bit; Windows 2003 Server 32/64-bit; Windows Vista* 32/64-bit; SUSE Linux Enterprise Server 10 SP2 32/64-bit
  • Local AMT: Windows XP Pro 32/64-bit; Windows Vista* 32/64-bit
- Intel AMT Setup and Configuration Server (SCS) Kit: Provision Server
- Intel AMT SDK: Development System
- Management Software (for Server): Manageability DTK; Partner ISV using SDK - LANDesk*, BMC* Software, Computer Associates*, Symantec*, etc
Intel® AMT 5.0 Implementation
Scalable Platform Requirements
Hardware:
- Processor: Intel® Core™2 Quad Processor Q9400; Intel® Core™2 Duo Processor E7400 & E4300; Intel® Core™2 Duo Processor E8400 & E6400
- Chipset: Intel® Q45 Express Chipset with Intel® 82801JO I/O Controller
- LAN Controller: Intel® 82567LM Gigabit Ethernet PHY
Firmware:
- Intel AMT Firmware Kit (also includes Intel AMT drivers), from Intel Download Center
Software:
- Operating Systems
  • Management Server: Windows* XP Pro 32/64-bit; Windows 2003 Server 32/64-bit; Windows Vista* 32/64-bit; SUSE* Linux* Enterprise Server 10 SP2 32/64-bit
  • Local AMT: Windows XP Pro 32/64-bit; Windows Vista* 32/64-bit
- Intel AMT Setup and Configuration Server (SCS) Kit: Provision Server
- Intel AMT SDK: Development System
- Management Software (for Server): Manageability DTK; Partner ISV using SDK - LANDesk*, BMC* Software, Computer Associates*, Symantec*, etc
Intel® AMT Setup and Configuration - Provisioning
Definition:
- “The process of enabling an Intel® Active Management Technology (Intel® AMT) device is called Provisioning”
Provisioning Approaches:
- Manual installation and configuration
- One-touch configuration – using USB
- Zero-touch configuration – remote provisioning
Maintenance Actions and Routines:
- Re-Provisioning
- Un-Provisioning
Intel® AMT Manual Installation and Configuration
Hardware Ready (Factory Default Configuration):
- Intel AMT enabled - Processor, Chipset, LAN Controller
- Intel FLASH Storage
Firmware Ready (Setup):
- Update BIOS with Intel AMT BIOS extension provided with Intel AMT Firmware Kit
- BIOS Vendors: AMI*, Phoenix*, Insyde* etc
- Update FLASH with Intel AMT Management Engine (ME) Firmware, LAN Firmware
Software Ready (Configuration - Remote Management Console and In-Band Functions):
- Install Operating System
- Supported OS: Microsoft* Windows* XP, Windows 2003 etc.
- Install Intel AMT Drivers provided with Intel AMT Firmware Kit
- Independent Software Vendor can use Intel AMT Software Development Kit and Development Tool Kit (DTK) to develop their own management console and incorporate their management features
- ISV: LANDesk*, BMC Software*, Computer Associates*, Symantec* etc.
For more information download the OEM Bring Up Guide
Intel® AMT SCS Enterprise Solution
SCS provides all the tools and performs the necessary steps to setup and configure a large number of Intel AMT enabled devices – remotely and automatically
For complete documentation and SDK download the Intel AMT SCS kit available at Intel® Software Network
Workflow (Provision Server (SCS) and Intel AMT embedded devices):
- Install SCS and load the SCS server with initial data and the tools required for provisioning
- Intel AMT devices send “hello” message to SCS
- Secure communication is established through TLS
- SCS generates and sends:
  - Public Key Infrastructure certificate
  - Access Control Lists
  - Setup parameters defined in device profile specific to the platform
SCS Components:
- Main Service: Windows* service that processes Setup and Configuration requests from Intel® AMT devices
- SOAP API: API used by SCS console to interact with main service
- Database Server: Secure repository to store setup and configuration data, installed as database instance in Microsoft* SQL Server
For more information refer to the installation guide available with Intel® AMT SCS kit
One Touch Configuration using USB key
(Diagram) Intel® AMT embedded devices, Management Console, DNS/DHCP, Provision Server, SQL DB
1. Keys generated and data stored to USB
2. One-touch provisioning
3. Client boots and requests provision server
4. Client sends “Hello” packet
5. Server assigns profile and provisions client
One-touch configuration automates the process of securely setting up and configuring embedded devices
Remote (Zero-touch) Configuration
(Diagram) Intel® AMT client embedded devices, pre-programmed with at least one active root certificate hash; Management Console, DNS/DHCP, Provision Server, SQL DB
1. Client sends “hello” packet to SCS
2. SCS server sends trusted root certificate matching hash received with the “hello” message
3. Client validates the SCS certificate
4. Client verifies domain suffix matched DNS suffix and establishes communication
5. Server assigns profile and provisions client
Remote configuration eliminates the need for IT personnel
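Steps 2 to 4 of the remote configuration flow are a trust decision made by a device that has nothing but a pre-programmed root hash and a configured domain suffix: the server must present a chain rooted in one of those hashes, and the server's name must fall inside that suffix. The Python model below is an added example, not Intel code and not the SCS or firmware protocol; certificates are stand-ins (constructed byte strings plus a subject name), chain signature verification is not modelled, and the hash algorithm, names and suffix are assumptions. It goes slightly beyond the diagram by making the suffix match label-aligned, so that a look-alike host such as `scscorp.example.com` does not pass for `corp.example.com`.

```python
"""Client-side trust checks in zero-touch provisioning (added example, not Intel code).

The device sends its pre-programmed root hashes in the hello, the server picks
a chain whose root matches, and the device accepts only if (a) the chain's root
hashes to a pre-programmed value and (b) the leaf name lies inside the
configured provisioning domain suffix.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Cert:
    subject: str   # server FQDN for a leaf, CA name for a root (constructed)
    der: bytes     # constructed stand-in for the certificate's DER encoding


def cert_hash(c: Cert) -> str:
    # Assumption: SHA-256 over the encoded certificate; the page does not name the algorithm.
    return hashlib.sha256(c.der).hexdigest()


def fqdn_in_suffix(fqdn: str, suffix: str) -> bool:
    """Label-aligned match: 'scs.corp.example.com' is in 'corp.example.com';
    'scscorp.example.com' is not, because the boundary is not a dot."""
    fqdn = fqdn.lower().rstrip(".")
    suffix = suffix.lower().strip(".")
    return fqdn == suffix or fqdn.endswith("." + suffix)


@dataclass
class ProvisioningClient:
    trusted_root_hashes: List[str]   # pre-programmed root certificate hashes
    domain_suffix: str               # configured provisioning domain suffix

    def hello(self) -> dict:
        return {"msg": "hello", "root_hashes": list(self.trusted_root_hashes)}

    def validate(self, chain: Optional[List[Cert]]) -> Optional[str]:
        """Return None when the chain is accepted, else the reason it was rejected."""
        if not chain:
            return "empty chain"
        leaf, root = chain[0], chain[-1]
        if cert_hash(root) not in self.trusted_root_hashes:
            return "root certificate hash not in pre-programmed list"
        if not fqdn_in_suffix(leaf.subject, self.domain_suffix):
            return f"server name {leaf.subject} outside domain suffix {self.domain_suffix}"
        return None


def scs_respond(hello: dict, chains: List[List[Cert]]) -> Optional[List[Cert]]:
    """Server side: answer with the chain whose root matches a hash from the hello."""
    for chain in chains:
        if chain and cert_hash(chain[-1]) in hello["root_hashes"]:
            return chain
    return None


def scenario():
    """Constructed roots, chains and names; returns (accepted, lookalike, untrusted) reasons."""
    good_root = Cert("Constructed Provisioning Root CA", b"constructed-root-ca-der")
    other_root = Cert("Constructed Other CA", b"constructed-other-ca-der")
    client = ProvisioningClient([cert_hash(good_root)], "corp.example.com")
    chains = [[Cert("scs.corp.example.com", b"leaf-1"), good_root],
              [Cert("scs.corp.example.com", b"leaf-2"), other_root]]
    chosen = scs_respond(client.hello(), chains)
    accepted = client.validate(chosen)
    lookalike = client.validate([Cert("scscorp.example.com", b"leaf-3"), good_root])
    untrusted = client.validate(chains[1])
    return accepted, lookalike, untrusted


if __name__ == "__main__":
    print(scenario())
```

Both checks are needed: the root hash alone would accept any server holding a certificate from the trusted CA, and the suffix check alone would accept any CA.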
Summary
Intel® Active Management Technology enables embedded equipment OEMs to provide their customers with:
• Decreased downtime
• Increased security
• State-of-the-art remote management
• Out-of-Band management
• Long life support
• Rich ecosystem of hardware and software vendors
Improve platform manageability and reduce TCO with Intel Active Management Technology
For more information, visit the following links:
- Intel® Active Management Technology for Embedded and Communication Applications
- Manageability Technology for Embedded and Communications Applications
- Intel® Product Technologies for Embedded and Communications Applications
- Intel® Software Network – Manageability
- Intel vPro Expert Center for blogs on Intel AMT by developers and manageability forums
Videos:
- Intel® Active Management Technology – Remote Platform Management
- Intel® Active Management Technology – One Touch Setup using Intel® Active Management Technology
Downloads
• Intel® Active Management Technology (Intel® AMT) Software Development Kit (SDK): contains the building blocks and documentation material needed to develop software that interacts with Intel AMT systems
  http://software.intel.com/en-us/articles/download-the-latest-intel-amt-software-development-kit-sdk/
• Intel AMT Developer Tool Kit (DTK): Intel AMT DTK provides full set of documentation, sample code in C# and APIs needed for implementing Intel AMT
  http://software.intel.com/en-us/articles/download-the-latest-version-of-manageability-developer-tool-kit/
• Intel AMT Setup and Configuration Service (SCS): Includes tools and documentation to setup and configure Intel AMT devices remotely and automatically
  http://software.intel.com/en-us/articles/download-the-latest-version-of-intel-amt-setup-and-configuration-service-scs/
• Intel AMT Reference Design Kit: Includes set of open source building blocks similar to Intel AMT DTK; however it provides solution written in Java on Linux* and is based on older versions of Intel AMT. This kit is no longer being updated or maintained
  http://software.intel.com/en-us/articles/intel-active-management-technology-reference-design-kit/
• Intel AMT Open Source Drivers and Tools: The Openamt project is an open-source project providing drivers and tools to support Intel AMT on Linux and other operating systems
  http://www.openamt.org/
• Intel AMT Add-on for Microsoft* SMS 2003: includes a plug-in utility to extend the functionality of Microsoft SMS 2003
  http://software.intel.com/en-us/articles/intel-client-manageability-add-on-for-microsoft-sms-2003/
• Intel AMT WS-Management Translator for Intel® vPro™ Technology: makes it possible for WS-Management based software to be used in conjunction with Intel AMT platforms older than version 3.0
  http://software.intel.com/en-us/articles/intel-ws-management-translator/
• For full list of available downloads on Intel AMT:
Glossary of Terms
EAC: Endpoint Access Control feature allows the IT administrators to implement differentiated policy enforcement and configuration based on the security state of the end point.
ACPI: Advanced Configuration and Power Interface specification: It is a standard for universal device configuration and power management by Operating Systems.
SHA: Secure Hash Algorithm: SHA hash functions are a set of cryptographic hash functions designed by the National Security Agency.
TLS: Transport Layer Security provides end point authentication and data encryption for communication over the internet.
PKI: Public Key Certificate also termed as Identity Certificate used to associate a digital signature to a public key with an identity so the owner of the digital signature can be identified.
SOAP: Simple Object Access Protocol.
OOB: Out Of Band management enables management irrespective of operating status or power state of a device as long as the device is connected to a power supply and Local Area Network (LAN).
IDE/IDER: Integrated Device Electronics is a parallel interface standard for connection to computer storage devices such as Hard Disks, Solid state devices, and CD-ROM. Integrated Device Electronics Redirection is a feature in Intel® Active Management Technology (Intel® AMT) that enables redirection of information from an IDE device on a server to a remote Intel AMT managed system.
NAC: Network Access Control is a networking solution that uses a set of protocols to implement a policy to screen devices that initially attempt to access a node or computer on a network.
NAP: Network Access Protocol is a networking solution by Microsoft* to control access to network resources based on a client’s identity and compliance with corporate governance policy.