Intel vPro Webinars for Q3 ’09


1 Intel vPro Webinars for Q3 ’09
http://www.intel.com/go/vproexpert
Topic | Time & Registration Link
Introduction to Intel® vPro™ Technology | August 19, 2009 8:00 AM to 9:30 AM PDT, Recorded Session Available
Enhancing the Symantec Management Platform (Altiris) with Intel® vPro™ Technology | September 2, 2009 8:00 AM to 9:30 AM PDT, Recorded Session Available
Beyond the Firewall: Using Fast Call for Help to manage PCs with vPro Technology | September 16, 2009 8:00 AM to 9:30 AM PDT, Today's Session

2 GoToWebinar Attendee Interface
Screenshot labels: Viewer Window; Control Panel; Type your questions here
Enter your Audio PIN when joining the webinar
Submit your questions via the GoToWebinar Control Panel
This session is being recorded for future viewing
For support, send e-mail during this session to:
– Michele Gartner (michele.gartner@intel.com)
– Ramesh Dontha (ramesh.k.dontha@intel.com)

3 Beyond the Firewall: Using Fast Call for Help to Manage PCs with Intel vPro technology
Brad Lund, Sr. Systems Engineer, Intel Corporation
Guy Offer, Check Point Software Technologies

4 Intel® vPro Training: Agenda
Intel® vPro Overview
Fast Call for Help Overview
vPro Enabled Gateway – Check Point
Fast Call for Help Usages
Client Connection and Manageability outside Firewalls – Demo (~ 6 Mins)
FCH Deployment Considerations
Summary
Links to Important Documents
Contact Information
Questions

5 What is Intel® vPro™ Technology?
Intel® vPro™ technology: security and manageability on the chip
Diagram labels:
– Processor: Intel® Core™2 Duo processor or Intel® Core™2 Quad processor
– Security: Intel® Virtualization Technology, Intel® Trusted Execution Technology
– Chipset: Manageability Engine, Non-Volatile Memory
– Network: Network Access Independent of Operating System State
– Security and Manageability: Intel® Active Management Technology, Intel® Virtualization Technology

6 Intel® vPro™ Technology Usage Cases Examples
Encrypted, remote power-on and update
Remote diagnostics and repair
Hardware and software inventory
Agent presence checking
Hardware-based isolation and recovery

7 Fast Call for Help (FCH): Extending the reach of Intel vPro via Check Point
Diagram labels: MANAGEMENT CONSOLE; FIREWALL; GATEWAY INSIDE DMZ; FIREWALL; CLIENT OUTSIDE

8 Fast Call for Help (FCH) Overview
New feature (introduced in AMT4) that enables an AMT client that resides in a remote location to initiate a secure (TLS) out-of-band communication back to the organization
Scenarios/Usages:
– Reaching clients located outside enterprise
– Remote Diagnostics/Repair
– Remote Scheduled Maintenance
Requires a vPro Enabled Gateway (vPEG) in the Corporate Demilitarized Zone (DMZ)
Fast Call for Help only available on wired connections

9 Fast Call for Help (FCH) Flow
Flow diagram (steps numbered 1 to 5 on the slide).
Components: Client Desktop or Laptop; Internet; Firewall; DMZ with vPro Enabled Gateway; Firewall; LAN with Management Console
Captions:
– User initiated request during pre-boot or operating system utility
– Out of Band connection request to Intel® vPro Technology Enabled Gateway Solution
– Secured Out of Band management session between client and Gateway
– Gateway sends connection events to Management Console
– Out-Of-Band management communication sent from console via Gateway

10 vPro Enabled Gateway

11 Check Point vPro enabled gateway
Management Presence Server (MPS) is embedded inside the Check Point Security Gateway (one box).
SSL tunnels from vPro machines are terminated by the Check Point VPN-1 remote access termination point.
The security gateway protects the vPro SSL termination point.
SSL traffic from vPro machines undergoes IP and TCP security inspections.
vPro authentication methods: client certificate (SSL mutual authentication), password or none (server only).
vPro machines' credentials are managed by an LDAP server (e.g. using Microsoft Active Directory Server).
Administrator can either register all the machine names in a database or provide the general structure of the enterprise machines’ certificates.
More security inspections to be added in the future.

12 Network diagram
Enterprise network: vPro PCs inside the local network; Check Point SmartCenter security management; Altiris vPro management console; users and machines database (LDAP)
Boundary: Check Point vPro enabled security gateway
Internet: vPro PCs outside the enterprise network
Protocol labels: APF/SSL; LDAP; vPro management protocols (SOAP, SOL/IDER)

13 Check Point vPro enabled gateway advantages
Full integration of the Intel Fast Call for Help architecture into the Check Point security gateway.
vPro remote-access SSL termination point is secured and supported by Check Point.
One box solution – the MPS component is integrated with the security gateway in one box.
Total management – all IT security policy aspects (firewall rules, SmartDefense protections, VPN), together with the vPro remote-access issues, are managed integrally by the Check Point SmartCenter management.
Users and machines database – users' and machines' credentials are managed together in one database. The same users and machines database can be used for company security issues and the vPro issues.
Additional benefits that come with the security gateway, such as high availability, logging, security updates, etc.

14 Fast Call for Help Usages

15 Remote Diagnostics and Repair
Reduce Costly Site Visits – Reach Out and Repair in Real Time
Flow diagram (steps numbered 1 to 6 on the slide).
Components: Desktop or Notebook PCs with Intel® vPro™ technology; Internet; Firewall; DMZ with vPro™ Enabled Gateway; Firewall; Network with Enterprise IT Management Console
Captions:
– Remote worker experiences system failure. IT instructs user to initiate FCH connection.
– A secure tunnel is created between system and vPro™ enabled gateway
– Management Console list pre-registered in the vPro™ Enabled Gateway
– vPro™ Enabled Gateway sends connection events to Management Console
– Management Console Operator connects to vPro system; begins diagnostic process
– vPro™ Enabled Gateway mediates connection with the TLS Session
– Management console operator makes the required repairs to the client system

16 Remote Scheduled Maintenance
Schedule Maintenance When It’s Convenient for You – While Everyone is Asleep
Flow diagram (steps numbered 1 to 6 on the slide).
Components: Desktop or Notebook PCs with Intel® vPro™ technology; Internet; Firewall; DMZ with vPro™ Enabled Gateway; Firewall; Network with Enterprise IT Management Console
Captions:
– Scheduled ‘TLS call home’ opens secure tunnel between system and vPro™ enabled gateway
– Management Console list pre-registered in the vPro™ Enabled Gateway
– vPro™ Enabled Gateway sends connection events to Management Console
– Management Console looks to see if updates need to be made
– vPro™ Enabled Gateway mediates connection with the TLS Session
– Management console pushes update to client system

17 Manage Client Outside Enterprise Demo

18 Demo – Using MC to Manage Clients Outside Enterprise
Clients use vPro Icon to connect to vPro Gateway
vPro Gateway issues Notification to MC
Use Altiris 7 to assign image files for IDE redirection to clients
Show various reboot options

19 Fast Call for Help Flow - Revisited
FCH Event triggered
AMT opens TLS connection to vPEG in the DMZ
vPEG authenticates AMT
vPEG proxies traffic between consoles and AMT Client

20 DEMO

21 Deployment Considerations

22 Planning FCH Deployment
1. Active Directory must be configured for AMT
   Note: AD setup is out of scope for this presentation; however, currently configured vPro environments will have much of the required modifications. Consult your management console ISV for specific requirements.
2. Activate Client with proper AMT settings
   – AMT must be provisioned while inside the corporate network.
3. Set up the vPro Gateway
4. Adjust the internal and external firewalls
   – Gateway vendors use different ports for listening, HTTP and SSL
5. Set up the Management Console vPro Enabled Gateway communication

23 Base Requirements / Checklist
Requirement | Checklist Item
Client
– Platform | AMT >= 4.0
– Environment Detection | Option 15 value
– Gateway settings | IP(s), FQDN(s), SSL listen port
– Desired Usages | At least one Policy defined (see next slide)
– Certificates | Certificates; choose a CA and define templates – Note: LANDesk pre-assigns
Gateway
– ISV | Check Point or LANDesk
– IP / FQDN | IP(s), FQDN(s)
– SSL port accessible from the Internet | SSL Listen port
– Socks & HTTP proxy ports accessible from the Intranet | Socks port, HTTP Proxy port
– ISV Alert Listen address | Alert Listen URI, Username, Password
– Certificates | Certificates; choose a CA, define templates, and create certificates – Note: LANDesk pre-configures this
Console
– ISV | Altiris or LANDesk
– Gateway settings | IP(s), FQDN(s), Socks port, HTTP Proxy port

24 Client Policies
Policy Name | Usage | Description
User Initiated Connection | Fast Call for Help Diagnostics and Repair | Knowledge Worker needs help from IT Support. They can use an OS tool (In Band) or a BIOS / MEBx tool (OOB) to initiate the connection. This may be used to augment a phone call or may replace it.
Periodic Connection | Remote Scheduled Maintenance | AMT client connects to vPEG based on a timer (number of seconds).
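
A pre-deployment check built from the requirements on slides 8, 22, 23 and 24, as an added example that is not part of the presentation or of any Intel or ISV tool. All field names and sample values are hypothetical, and flagging Socks/HTTP proxy ports that are reachable from the Internet is an added hardening assumption; the slides only say those ports are accessible from the Intranet.

```python
# Added example: field names are hypothetical, not an Intel or ISV schema.
from dataclasses import dataclass, field

@dataclass
class Client:
    amt_version: tuple          # e.g. (4, 0)
    wired: bool                 # FCH is only available on wired connections
    provisioned_on_lan: bool    # AMT must be provisioned inside the corporate network
    gateway_fqdn: str
    gateway_ssl_port: int
    policies: dict = field(default_factory=dict)  # policy name -> settings

@dataclass
class Gateway:
    fqdn: str
    ssl_port: int
    socks_port: int
    http_proxy_port: int
    internet_ports: set         # ports the external firewall passes to the gateway
    intranet_ports: set         # ports the internal firewall passes to the gateway

def check_fch(client, gw):
    """Return a list of findings; an empty list means the checklist passes."""
    f = []
    if client.amt_version < (4, 0):
        f.append("client: AMT >= 4.0 required")
    if not client.wired:
        f.append("client: FCH needs a wired connection")
    if not client.provisioned_on_lan:
        f.append("client: provision AMT inside the corporate network")
    if (client.gateway_fqdn, client.gateway_ssl_port) != (gw.fqdn, gw.ssl_port):
        f.append("client: gateway FQDN/SSL port do not match the gateway")
    if not client.policies:
        f.append("client: define at least one policy")
    periodic = client.policies.get("periodic")
    if periodic is not None and periodic.get("timer_seconds", 0) <= 0:
        f.append("client: periodic policy needs a positive timer")
    if gw.ssl_port not in gw.internet_ports:
        f.append("firewall: SSL listen port not reachable from the Internet")
    for name, port in (("Socks", gw.socks_port), ("HTTP proxy", gw.http_proxy_port)):
        if port not in gw.intranet_ports:
            f.append(f"firewall: {name} port not reachable from the intranet")
        if port in gw.internet_ports:  # assumption: console-side ports stay internal
            f.append(f"firewall: {name} port exposed to the Internet")
    return f

# Constructed sample values (documentation FQDN, arbitrary ports).
GW = Gateway("vpeg.example.com", 443, 1080, 8080, {443, 8080}, {1080, 8080})
PC = Client((4, 1), True, True, "vpeg.example.com", 443, {"periodic": {"timer_seconds": 3600}})
FINDINGS = check_fch(PC, GW)
```

With the sample values, the only finding is the HTTP proxy port that the external firewall also forwards from the Internet.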

25 Summary
FCH Solves Real Problems
– Remote Diagnose/Repair, Scheduled Maintenance
Create Profiles and Provision Clients
– Create Client and Trusted Certificates
Install vPro Gateway in DMZ
– Adjust Firewall Rules to allow AMT/MC to connect
Fast Call for Help - Ready for Action!

26 Further Reading
Fast Call for Help - Considerations For Enterprise Integration
– http://communities.intel.com/docs/DOC-3183
Intel® vPro™ Technology - Technical Use Cases
– http://communities.intel.com/docs/DOC-1560
Quick Start Guide for Altiris* and Intel® AMT
– http://communities.intel.com/docs/DOC-1400
List of resources and insights to provisioning Intel vPro in an Altiris environment
– http://communities.intel.com/docs/DOC-2032

27 Presenters:
Brad Lund, Brad.Lund@intel.com
Guy Offer, guyof@checkpoint.com
Thank you!

28 Questions

