This is referring to Intel AMT technology (aka vPro), which is essentially a KVM/BMC using the main CPUs graphics, and an embedded cpu in one of the support chips. This embedded cpu shares the NIC phy with the main CPU/OS. This allows you to power on a system and access bios settings without any OS. It can do graphics KVM, boot device redirection (allows remote OS install, and a small set of control commands like power on/off/reset).
The vPRO KVM is not as sophisticated as Dell iDRAC. Using AMT is a little more initial fooling around, as you need a VNC client, and you need to configure the AMT settings to allow generic VNC, which can only be done by sending the right WS-Man commands, which look like this:
winrm enumerate http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_HostedService
-remote:192.168.1.131:16992/wsman -u:admin -p:some.BAD.pw15 -a:Digest -encoding:utf-8
And no, this is not not generally a server thing, it’s generally a corporate desktop/laptop thing. It allows corporate IT support to do remove support/maintenance of systems without physically being there. It’s frequently present in the corporate hardware, and not always used by the corporate IT people.
The current driver development target systems I’m using, Lenovo TS140 servers, also have this feature in a server, and allows me to access the server using a normal VNC client if I break remote desktop. I can also remote power cycle systems. It does not talk the IPMI protocol, it talks VNC for KVM and WS-Man (https XML based) for other commands.
This is not a hypervisor, it’s a hardware based system to get remote management, adding minimal cost to the system. The TS140 servers I mentioned were only about $350 (4 Core Xenon, 4 GB Ram, 500 GB disk configuration). Also note you only get the remote graphics KVM if you use a processor with internal graphics.
I like these specific servers (2 at home and 6 at the office) because they have a usable KVM, boot fast (like 30-45 seconds from windbg .reboot until it’s up again), are cheap and so far pretty reliable. One downside is they don’t seem to support S3 power states (servers often don’t), so I will need to use another system for power state debugging. They do have a kdnet compatible nic and a legacy serial port (the USB chipset seems to not support USB 3 debugging), and 3 PCIe slots (one is x16 Gen3) and a PCI slot, enough to plug in a 1394 card and some hardware card under development.
Jan
On 10/24/15, 4:16 AM, “xxxxx@lists.osr.com on behalf of Maxim S. Shatskih” wrote:
>> Actually, Intel ME (the secret chip on your motherboard that bypasses the CPU and has direct
>>access to your NIC even when the machine is turned off)
>
>Is this stuff really present on desktops? Isn’t this kind of stuff (which includes nested VM hypervisor in some cases) - server only? isn’t this about BMC, “KVM over IP”, Dell iDRAC (Dell’s implementation of BMC) and these kind of things?
>
>> So some types of compression can technically be used as (potentially weak) encryption
>
>Immediately broken if the code is reverse-engineered. Not so with proper encryption.
>
>–
>Maxim S. Shatskih
>Microsoft MVP on File System And Storage
>xxxxx@storagecraft.com
>http://www.storagecraft.com
>
>
>—
>NTDEV is sponsored by OSR
>
>Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>
>OSR is HIRING!! See http://www.osr.com/careers
>
>For our schedule of WDF, WDM, debugging and other seminars visit:
>http://www.osr.com/seminars
>
>To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer