Intel vPro: Three Generations Of Remote Management
Table of contents
- 1. An Introduction To Intel vPro And Active Management Technology
- 2. Unique vPro Hardware Requirements
- 3. Intel Core 2 Duo E8500 And DQ45CB: The Wolfdale Generation
- 4. Intel Core i5-670 And DQ57TM: The Clarkdale Generation
- 5. Intel Core i5-2500 And DQ67SW: The Sandy Bridge Generation
- 6. Intel Management Engine (ME)
- 7. Intel Active Management Technology (AMT)
- 8. Intel AMT Web Interface
- 9. Intel AMT Web Interface, Continued
- 10. KVM Remote Control: Adding RealVNC Plus To The Mix
- 11. KVM Remote Control: Adding RealVNC Plus To The Mix, Continued
- 12. Intel vPro, McAfee, And The Atom Platform
- 13. AMD's DASH Wild Card
It's common to manage PCs remotely in today's business environment. Intel's vPro technology aims to simplify that task by giving IT professionals hardware-level tools to make remote management easier. Today we look at three generations of vPro.
In today’s enterprise environment, desktop management is an area where CIOs are constantly evaluating ways to lower costs. If you look at a typical mid- to large-sized organization, there is usually a mobile sales force and support staff, multiple buildings and locations, and every employee has either a desktop or notebook.
Over the past few years, IT organizations have looked for ways to help combat rising costs associated with managing common IT problems. Although their approaches may differ, the common ideology permeating IT these days is to move service and support away from desk-side visits to save time and money.
Beyond the logistic issues that eat up valuable resources, IT is also constantly contending with security threats and more maintenance-oriented tasks like taking component inventories. Many years ago, Intel conceptualized vPro as a means of simplifying all of those tasks, arming the VARs who help manage SMBs and the dedicated IT departments in larger organizations at the very same time.
Intel’s vPro technology is fairly unique as a set of capabilities that facilitate serviceability and security in end-user computing environments. Given Intel’s position selling CPUs, chipsets, and network controllers, the company is in a unique position to get a number of disparate hardware components working together. Over time, those technologies have evolved to include more advanced controls, which enable some pretty interesting features that we've never seen compared back to back before.
Intel sent over three generations of Intel vPro platforms to show how its business platform has evolved, from the Wolfdale-based Core 2 generation up to the current Sandy Bridge architecture. The economic recession has seen a number of companies shrinking their employee's work spaces, so the microATX form-factor chosen for all three setups is a good way to also facilitate a smaller PC footprint compared to larger ATX boards.
First, we'll take a look at the hardware itself before delving into the successive capabilities introduced by vPro itself.
One thing is for sure: Intel clearly intends vPro technology to be as usable in the enterprise space as it is in small- and medium-sized businesses. With that said, the feature set of Intel vPro might even appeal to anyone who wants to manage a family member's PC from afar due to inclusions like the Intel KVM found in its Clarkdale and Sandy Bridge vPro generations.
Latest CPU News
- 05/24 – Nvidia to Push Tablet Prices to $199 With Kai Platform
- 05/23 – AMD Backing Out of CPU Speed Wars Against Intel
- 05/22 – AMD Hitting The Casino Floor With Embedded R-Series
- 05/22 – Does Your AMD FX Platform BSOD with Steam? Read This.
- 05/20 – Intel To Support Cheap Ultrabooks With Low-Cost Celerons
Latest CPU reviews
- 05/24 – Overclocking Core i7-3770K: Learning To Live With Compromise
- 05/22 – Core i5-3570K, -3550, -3550S, And -3570T: Ivy Bridge Efficiency
- 05/18 – Best Gaming CPUs For The Money: May 2012
- 05/15 – AMD A10-4600M Review: Mobile Trinity Gets Tested
- 05/14 – Core i7-3720QM: Ivy Bridge Makes Its Mark On Mobility
-
Latest Intel News
- Intel Picks UK for Research Institute on Sustainable Cities
- Specs for Dell's Windows 8 Clover Trail Tablet Leaked
- Thunderbolt Will Become Key Motherboard Spec in 2H 2012
- AMD Backing Out of CPU Speed Wars Against Intel
- Intel Hopes New Batteries Can Reduce Ultrabook Cost
-
Latest Intel reviews
- Overclocking Core i7-3770K: Learning To Live With Compromise
- Core i5-3570K, -3550, -3550S, And -3570T: Ivy Bridge Efficiency
- Best Gaming CPUs For The Money: May 2012
- Intel SSD 330 Review: 60, 120, And 180 GB Models Benchmarked
- Core i7-3720QM: Ivy Bridge Makes Its Mark On Mobility
Can I suggest an article comparing different remote access tools we can use? From the freeware TeamViewer, VNC Viewer to such things like WebEx? I think that would be a very good topic.
^^Don't forget Logmein Rescue which has vPro support.
intel man please give me a job.
Intels rock
Glad to see you made it to publish day, was waiting for this piece.
Looking great !
One correction: DQ57TM *does* contain a v1.2 TPM, the same as found on DQ67SW and DQ67EP. It's required to be vPro compliant (necessary for Intel TXT).
Nifty but I don't like the single-vendor lock-in. I can see real improvements in IT efficiency if this was combined with AoE. Would like to see SSH support, however.
Hopefully they have improved the activation mechanism. Kind of a PITA if you don't buy a certificate from a trusted CA. I used an internal cert and had to activate each machine by booting from a flash drive.
If my hard drive is encrypted using TrueCrypt pre-boot authentication, would I be able to fill in the password using Intels vPro?
The voice of the guy in the video is bad. The guy talks like he is speedreading a book...
One correction: DQ57TM *does* contain a v1.2 TPM, the same as found on DQ67SW and DQ67EP. It's required to be vPro compliant (necessary for Intel TXT).
Fixed, thanks!
Chris can you answer my question?
If my hard drive is encrypted using TrueCrypt pre-boot authentication, would I be able to fill in the password using Intels vPro?
Generally you don't want to do this. Pre-boot authentication on encrypted drives is a security measure so that someone gaining access to a shut-down PC cannot cold boot onto the contents of the disk. For example, one shuts down a notebook that is subsequently stolen in an airport.
In that scenario (actually fairly common) the user that now has the notebook can boot to the contents of the disk if a password was pre-filled.
HP insight manager is better. Weird thing is I found out about it from a whitepaper on Dells site. I thought HP and Dell hated each other?? but we use it for PCs, servers, and it has a plugin for Vmware.... AND IT IS FREE.
For example, one shuts down a notebook that is subsequently stolen in an airport. In that scenario (actually fairly common) the user that now has the notebook can boot to the contents of the disk if a password was pre-filled.
So you saying that's a bad idea for the owner that he typed the pre-filled the password using vPro?
Hi, does anybody know if Intel Dq67sw motherboard Support 8Gb ddr3 Single Modules . Because Intel Technical product specification states " Support for 32GB of System Memory with four DIMMS using 4GB memory technology ".
Are there any other Intel boards which support vPro ( VT-X , VT-D ) with 32GB for i7 2nd Generation.
As i want to build one myself for VM.
Generally you don't want to do this. Pre-boot authentication on encrypted drives is a security measure so that someone gaining access to a shut-down PC cannot cold boot onto the contents of the disk. For example, one shuts down a notebook that is subsequently stolen in an airport. In that scenario (actually fairly common) the user that now has the notebook can boot to the contents of the disk if a password was pre-filled.
So you saying that's a bad idea for the owner that he typed the pre-filled the password using vPro?
Chovav, pjkenned and dj christian - yes, you can use Intel vPro AMT to fill the Pre-Boot Authentication. You can do this either with AMT KVM (which is the simple way, but requires AMT 6 and above) or with AMT SOL (assuming TrueCrypt allows SOL.
pjkenned - there are several scenarios which it would makes much sense to send the password for PBA remotely: 1. Support agent trying to recover a user's password. 2. Trying to boot to a computer you left in the office. The idea is not that the password is pre-filled, it is filled on real-time.
It's actually can be a very powerful tool for the service-desk at your organization.
So you saying that's a bad idea for the owner that he typed the pre-filled the password using vPro?
I didn't really understand what you mean. If you utilize this feature correctly you can gain real value to your organization. Note my 2 suggestion of usage. If you have it kept in a DB or something similar, you must make sure this DB is encrypted and secured properly, since this is sensitive information, but you can still get it and send it to your computer using vPro encrypted over TLS/SSL channel.
okokpkpk - I'm saying DO NOT PRE-FILL THE PASSWORD. This is not what's vPro is all about.
I'm saying, create a solution for your organization that allow real time password push to your clients, in case a password is forgotten. Passwords are stored securely inside the organization and are only used in case of password forgotten. Nothing else. Do no bypass the pre-boot authentication mechanism.