Manualshelf

HP Business Notebook Intel® vProTM setup and configuration 2011 Business Notebook Models - Technical white paper

ManualsBrandsHP ManualsComputersA6G26EA
11121314151617181920
17
24. System will reboot.
25. Turn off system and remove power.
At this point the system is out of Factory Mode and is in In-Setup mode. It is ready to be
deployed in a corporation.
26. User plugs system into a power source and connects the network.
Only use the integrated Intel NIC. Intel AMT does not work with any other NIC solution.
27. When power is reapplied to the system, it will immediately look for a Setup and Configuration
Server. If one is found, the AMT system will send a “Hello” message to the server.
DHCP and DNS must be available for the Setup and Configuration Server search to
automatically succeed. If DHCP and DNS are not available, then the Setup and
Configuration Server’s IP address must be manually entered into the AMT system’s
MEBx.
The “Hello” message will contain the following information:
PID
UUID (Universally Unique Identifier)
IP address
ROM and FW version numbers
The “Hello” message is transparent to the end-user. There is no feedback mechanism to
tell the user the “Hello” message is being broadcast.
28. The Setup and Configuration Server will use the information in the “Hello” message to initiates a
Transport Layer Security (TLS) connection to the AMT system using TLS Pre-Shared-Key (PSK) cipher
suite if TLS is supported.
29. The Setup and Configuration server uses the PID to lookup PPS in provisioning server database
and uses the PPS and PID to generate TLS Pre-Master Secret.
TLS is optional. For secure and encrypted transactions, TLS should be used if the
infrastructure is available.
If TLS is not used, then HTTP Digest will be used for mutual authentication. It is not as
secure as TLS.
30. Setup and Configuration Server logs into AMT system with the username and password, and
provisions all required data items:
a. New PPS and PID (for future Setup and Configuration)
b. TLS certificates
c. Private keys
d. Current date and time
e. HTTP Digest credentials
f. HTTP Negotiate credentials
Other options can be set depending on S&CS implementation.