Buyers' Guide
Cheat Sheet: Active Management Technology (AMT)
Published: 09 Dec 2008, 01:00pm
AMT? Why should I care about another three-letter acronym?
Because it could save you thousands of pounds, that's why. How many PCs does your company leave running overnight? A quarter of PCs are left on overnight, on average, which costs around £50 per year per machine in electricity bills. Of course you could save money by switching them off - but do you have time to go round and turn off every machine by hand? We thought not. Intel’s Active Management Technology (AMT) is remote control technology for desktop and laptop computers. It will save you money on your electricity bill - and that's just a start. It also increases the productivity of your staff by securing their PCs, and keeping the machines at peak performance.
Convince me. How does it work?
AMT is hardware-based. There's a client on the PC that works independently of the main operating system. It works "out of band", meaning you can use AMT to turn the machine off and on and perform other tasks remotely and without relying on the operating system, or having anyone at the machine. Your staff will forget to switch off - but you can use AMT to switch all idle machines off at 6pm.
Sounds great - but I install patches and software updates automatically overnight. I've trained my staff to leave machines on. If the machines are turned off, they'll rapidly become insecure!
No they won't. If you have a patch to install, AMT can turn the machines on again, let you install the patch remotely, and then shut them down.
Impressive, but how much will this AMT cost me?
Not much at all. You probably already have it in your business: around 30 per cent of business PCs sold today include AMT as standard. This isn't an extra. It's in any PC that carries Intel's vPro brand. Getting the benefit is just a matter of starting to use it in your existing AMT-capable PCs, and specifying vPro for future PC purchases.
How do I use it? Do I need new management software?
Unlikely. You can go right ahead and use it through your normal system management console, if you are using any of the common desktop management packages. It's supported in HP OpenView, Microsoft System Center, Tivoli, Altiris, and others. If you don't have desktop management, can we suggest that this would be a good time to start?
AMT saves power but you say it also secures my PCs. How?
Several ways. When a patch is announced, all your systems are vulnerable to opportunistic hackers until you have installed the patch. Without AMT you wait for users to turn their machines on, or send IT people to patch them. With AMT you can switch all the systems on, install the patch, test it and move on – 100 per cent patch penetration in minutes, and your staff are free to get on with other work.
Secondly, AMT means monitoring software can keep tabs on what PCs are up to - continuously. Any suspicious behaviour and you can lock the system down, or investigate further. And this kind of log is a requirement in many businesses. Finally, if malware does get through, AMT comes to your aid. Because AMT is outside the operating system you can boot the machine safely, fix the system - if necessary from a clean disk image - and get the user back to work. All without leaving your desk.
All my staff have laptops. Out of band agents are only for desktops aren't they?
Nope. In some ways AMT is even more important on laptops. They are more likely to pick up malware outside the company firewall, and you need remote control to shut them down if they are lost or stolen laptops. AMT is smart enough to work with a laptop and is included in Centrino and Centrino 2 branded laptops, and it will be in future laptops currently code-named Calpella. If the laptop is plugged into power and Ethernet, AMT works out of band, just as it does on a desktop. If the laptop is running on battery power AMT takes care not to waste it, and if it's on wi-fi it has to co-operate with the operating system - but it's still on active duty.
My company is too small for this. We have one part time IT guy, and we don't have a budget for centralised desktop management.
So get someone else to do it! AMT-based management is part of the deal from many outsourced service providers. They can look after your machines remotely from their network centre, and you can rest easy.
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
