Manualshelf

HP Business Notebook Intel® vProTM setup and configuration 2011 Business Notebook Models - Technical white paper

ManualsBrandsHP ManualsComputersA6G26EA
11121314151617181920
18
31. The system goes from In-Setup phase to Operational phase. AMT is fully operational. Once in the
Operational phase, the system can be remotely managed and can be provided to the end-user for
regular use.
Enterprise mode provisioning methods
There are three methods of provisioning a system with enterprise mode:
Legacy
IT TLS-PSK
OEM TLS-PSK
Legacy AMT setup and configuration
Legacy method of AMT setup and configuration should be executed on an isolated network separate
from the corporate network if TLS is desired. An S&CS server would have to have a secondary
network connection to Certification Authority for TLS configuration.
Legacy AMT Setup and Configuration is done by the customer. The customer initially receives systems
in the Factory phase with AMT disabled. These systems will need to go through AMT Setup to go from
Factory to In-Setup phase.
Once the system is in In-Setup phase, the system can continue to be configured manually or be
connected to a network where it will connect with an S&CS and begin Enterprise Mode AMT
Configuration.
The Legacy method places all of the work of AMT Setup and Configuration on the customer. It is
no touch for the OEM.
IT TLS-PSK setup and configuration
IT TLS-PSK AMT setup and configuration is usually done in the IT department of a corporation. You will
need a Setup and Configuration Server and network and security infrastructure to use this method.
AMT systems in the Factory phase will be given to the IT department of a company. The IT department
is responsible for AMT Setup and Configuration. The IT department is free to use any method to enter
in AMT Setup information. Once this is done, the systems will be in Enterprise mode and in the In-
Setup phase. A Setup and Configuration Server will need to generate PID and PPS sets.
AMT Configuration has to occur over a network. The network can be encrypted via Transport Layer
Security Pre-Shared Key (TLS-PSK) protocol. Once the systems connect to a Setup and Configuration
Server, Enterprise mode Configuration will occur.
The IT TLS-PSK method places the work of AMT Setup and Configuration on the IT departments of
major corporations. They must have the personnel and infrastructure in place for system
configuration and deployment. It is no touch for the OEM.
OEM TLS-PSK setup and configuration
OEM TLS-PSK AMT setup and configuration is done in two stages. The first stage is performed during
OEM manufacturing and the second stage at the customer location.
In the first stage, customers purchase systems from HP. HP will setup those systems during
manufacturing bringing them to the In-Setup phase. The new Admin Password, PID, and PSS
generated during HP manufacturing are transferred to the customer in a separate and secured
fashion. That information along with the new admin password is provided to the customer. After
manufacturing, the systems are shipped to the customer in the In-Setup state.