cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Edmund_Tan
Paper Tape
Posts: 3
Registered: ‎06-20-2014
Location: malaysia
Views: 1,651
Message 1 of 6

W540 no Intel Active Management Technology?

As per subject, I don't see any options enable intel AMT in the bios, and when i log into intel Management Engine I don't have intel AMT settings either, instead I have Intel Smart Business Technology in place of AMT. I went in and i only have 2 options, nothing much to configure here. Is this intended for W540? What does intel SBT does?

 

 

Thinkblaze
Ctrl-Alt-Del
Posts: 9
Registered: ‎06-17-2014
Location: USA
Views: 1,617
Message 2 of 6

Re: W540 no Intel Active Management Technology?

Hi, Edmund_Tan,

 

 

Quoting from Intel's site: "Intel Active Management Technology (AMT) is hardware-based technology for remotely managing and securing PCs out-of-bandCurrently, Intel AMT is available in desktops, servers, ultrabooks, tablets, and laptops with Intel Core vPro processor family, including Intel Core i3, i5, i7, and Intel Xeon processor E3-1200 product family."

 

I did some research, and found out that vPro is not supported by the following Intel processors avaiable in W540 models:

i5-4200M, i7-4700MQ.

 

 

If you have one of these, you probably won't find any options for IAMT in the BIOS.

I myself bought the model with i7-4800MQ and can find options for IAMT I the BIOS under: Config  > Intel (R) AMT. 

 

 

Hope this helps Smiley Happy

Community SeniorMod
Community SeniorMod
Posts: 9,514
Registered: ‎01-01-2010
Location: US
Views: 1,579
Message 3 of 6

Re: W540 no Intel Active Management Technology?

I don't use AMT, because it is for central management of a group of machines. Since I don't use it, I prefer machines without the AMT chips on the motherboard. I also don't use software-based encryption, so I prefer motherboards without TPM chips. Why pay extra for something you are not going to use, and adds additional failure points. I have seen machines that had the AMT chips get sick, causing motherboard failure, when AMT wasn't being used. If I get a machine with AMT, I always disable it.

Rich


I do not respond to requests for private, one-on-one help. Your questions should be posted in the appropriate forum where they may help others as well.

If a response answers your question, please mark it as the accepted solution.

I am not an employee or agent of Lenovo.
Edmund_Tan
Paper Tape
Posts: 3
Registered: ‎06-20-2014
Location: malaysia
Views: 1,547
Message 4 of 6

Re: W540 no Intel Active Management Technology?

Hi Thinkblaze,

Thank you for your reply and your effort in research. I din't realize intel AMT is specific to processors with vPro feature, as all the thinkpad machines has it (so far first thinkpad i have that doesn't have this feature).

 

Hi richk,

I'm still new at this technology, because I've stumbled upon users who have issues (corrupted windows etc) with their laptop and i wasn't around to fix them, and intel AMT provides remote KVM feature which allows me to remote to their machine on bios level. I'm still experementing this with intel's manageablity commander tool, so i think it would advantageous on my side. Nice to have your feedback though!

gusat
HDMI
Posts: 235
Registered: ‎10-21-2012
Location: Switzerland
Views: 1,507
Message 5 of 6

Re: W540 no Intel Active Management Technology?

AMT should be a major no-no for anyone concerned of privacy and data security. I avoid like pest this hardly documented AMT and its ME processors (google Intel, ME, AMT, concerns), which takes power, requires silent Intel updates and opens backdoors into all the 'corporate' machines endowed with this 'feature'. It's also one of many reasons why Russia and China are now building their own CPUs - though the success of such endeavors is TBD.

Net: Avoid purchasing AMT-based h/w, or at least disable it in BIOS, h/w mgnt. and drivers when it's not used (almost never).
Edmund_Tan
Paper Tape
Posts: 3
Registered: ‎06-20-2014
Location: malaysia
Views: 1,498
Message 6 of 6

Re: W540 no Intel Active Management Technology?

Hi Gusat,

While i understand that every technology has its own weakness,
the remote KVM feature actually helps in my environment where i can remote into users machine if there is issues on the OS level. (Unless you have a better suggestion in this example). I have yet to activate AMT on all machines, currently i'm just testing it out.

According to the following link :
http://serverfault.com/questions/410734/any-trade-offs-involved-with-enabling-intel-vpro

One can safely provision a machine with AMT via a properly setup PKI (certificates). To what extent this enhances security wise i don't have the slightest clue, but seems like do able. Anyway i'm all ears to any suggestion you guys give.

Correct me if i'm wrong, the main concern is enabling AMT would allow malicious users to gain access to AMT enabled machines? I'm using MBex password only, and when i do remote KVM flash screens appears indicating remote session is up.

Check out current deals!


Shop current deals

Top Kudoed Authors