Remote PC Management with Intel's vPro

Managing multiple or even numerous computers in a network is very important for enterprises, because an intact IT infrastructure is imperative for a healthy business, and maintenance in IT can add considerable cost. Small offices may be relatively simple to manage, because you don't lose time walking between different floors, buildings or campuses. In such a case, elementary tasks such as taking an inventory, updating software or replacing faulty hardware can become time consuming - not to mention expensive.

There are various management solutions on the market, but many of them require a workable operating system to service the remote PC, or they are based on additional hardware, which, again, can be expensive. Operating-system dependent management typically doesn't allow accessing BIOS settings or changing boot settings, cold reboots or similar actions. If the operating system is down for any reason (think of a virus attack or a serious program error), many systems cannot be remotely accessed any more, and an administrator's onsite presence is required. Although there are standards that enable remote PC management on a higher level than just the operating system, these lack interoperability and manageability. You might be familiar with some of the wake features, which enable computers to wake-on-LAN, wake-on-modem or wake-on-RTC. Then there is PXE, the Pre-Boot Execution Environment, which allows for a computer to be booted from a network source. This way it is possible to install an operating system or execute BIOS updates without inserting a physical medium into the PC. The network card looks for a PXE boot server within the local network, which provides a path to the NBP (Network Bootstrap Program). Lastly there is the ASF (Alert Standard Format), which takes care of advanced warning and system failure indications. It also allows for OS-independent management. But ASF leaves room for improvement, because it does not support authentication, encryption, the ability to reboot, real remote control, remote BIOS update and policy-based alerts.

What Exactly Is VPro?

vPro is a marketing-friendly product name such as Viiv or Centrino. It summarizes a number of features designed for business customers in the PC space. And it basically combines a number of existing features and technologies that can be found in the Intel portfolio: vPro requires a certain version of the 965 chipset, the Q965 and Intel's AMT (Active Management Technology). Lastly, the vPro Website also refers to the Core 2 Duo processor as a part of vPro, although our test system by Acer came with a Pentium D. The important thing here is to have a processor that supports VT, Intel's Virtualization Technology, so you can run a maintenance operating system partition.

Intel's description of vPro is centered on manageability and security. vPro is intended to reduce desk-side visits by administrative staff and to reduce labor-intensive manual processes in IT, and Intel promises seamless integration into existing management infrastructure. Manageability refers to the ability to inventory PCs, including their components, via hardware-based, OS-independent and system status-independent communication. System information can either be collected, or fetched from a small non-volatile memory on vPro-enabled systems. And it refers to minimizing desk side visits to client PCs by enabling remote boot, diagnosis and backup/restore capabilities. Security is offered by filtering network traffic, easy isolation and quarantining infected systems; up-to-date asset information, remote/push updates and the optional creation of a virtual system environment for management services.

vPro provides out-of-band communication for all management related activity, which means that it runs on a different sub network, although only one physical network connection may be used. The vPro BIOS extensions allow you to either fetch an IP address via a DHCP server dynamically, or you can manually assign one. The onboard LAN controller is used for vPro; other network cards are not affected. All management activity generally works regardless of the power state or the operating system.

Join our discussion on this topic

This thread is closed for comments
1 comment
    Your comment
  • Does anybody provision it through SCCM R2 successfully .I did not get right AMT Software ..I really appreciate for the post