Intel Amt Release 2.2; Intel Amt Release 3.0; Intel Amt Release 2.6 - Symantec ALTIRIS OUT OF BAND MANAGEMENT COMPONENT 7.0 SP3 - IMPLEMENTATION GUIDE V1.0 Implementation Manual
Hide thumbs
Also See for ALTIRIS OUT OF BAND MANAGEMENT COMPONENT 7.0 SP3 - IMPLEMENTATION GUIDE V1.0:
Table of Contents
Advertisement
Intel AMT Release 2.2
Intel AMT Release 3.0
Intel AMT Release 2.6
Intel AMT retrieves its domain suffix using DHCP Option 15. The CN in the SCS
certificate must match the full domain suffix. The result is that a separate
certificate is required for each domain. For example, the CN in the certificate is
corp.east.yourenterprise.com
east.yourenterprise.com
A CN of
yourenterprise.com
an Intel SCS installation can only work with one Remote Configuration certificate
at a time, a separate certificate and Intel SCS instance is required for each domain
where Intel AMT-based platforms are located.
If an Intel AMT 3.0 platform depends exclusively on the domain suffix returned
by DHCP, it behaves the same as Release 2.2.
The Intel AMT 3.0 FQDN option and domain extension option add the following
requirements:
If IT enters the FQDN of the SCS through the MEBx menu or with a formatted
USB key or the manufacturer enters the value before delivery, the CN in the
certificate must either exactly match all fields of the FQDN or it must be a
wildcard entry with a match in all but the first field of the FQDN. For example,
if the FQDN is
east.corp.yourenterprise.com
also be
east.corp.yourenterprise.com
If a DSN suffix is entered, then all fields in the suffix must be included in the
CN. For example, if the entered suffix is
CN could be
corp.yourenterprise.com
or
main.east.corp.yourenterprise.com
Using one of the above options requires a "single touch," which should be balanced
against the need for an SCS installation and unique certificate for each domain.
Release 2.6 supports the 2.2 functionality, with the following additions:
Wildcard CN: If the CN in the certificate is preceded by "
suffix received from DHCP need only match the CN where they have
overlapping fields. For example, if the CN is
, and
a.b.org
b.org
If the CN ends with "
DHCP needs to match only the last two fields in the CN. For example, if the CN
Remote Configuration certificate – differences between releases
and DHCP returns a domain suffix of
. The CN contains the full suffix so there is a match.
would not match
corp.yourenterprise.com
or
would all match (but
" or "
", then the domain suffix received from
.com
.net
Reference topics
east.yourenterprise.com
, the CN in the certificate must
or
*.corp.yourenterprise.com
east.corp.yourenterprise.com
(but not
east.yourenterprise.com
", then the domain
*.
, then
*.a.b.org
yyy.a.b.org
would not).
c.b.org
183
. Because
.
, then the
).
,
Advertisement
Table of Contents
Troubleshooting
Subscribe to Our Youtube Channel
Related Manuals for Symantec ALTIRIS OUT OF BAND MANAGEMENT COMPONENT 7.0 SP3 - IMPLEMENTATION GUIDE V1.0
Related Products for Symantec ALTIRIS OUT OF BAND MANAGEMENT COMPONENT 7.0 SP3 - IMPLEMENTATION GUIDE V1.0
- SYMANTEC ALTIRIS CLIENT MANAGEMENT SUITE 7.0 SP2 - V1.0
- SYMANTEC CLIENT MANAGEMENT SUITE 7.0 SP2
- SYMANTEC REAL-TIME CONSOLE INFRASTRUCTURE 7.0 SP3
- SYMANTEC MONITOR PACKS FOR SERVERS 7.0 - SP2 S
- SYMANTEC ALTIRIS INVENTORY 7.0 SP2 - FOR NETWORK DEVICES V1.0
- SYMANTEC SOFTWARE MANAGER 7.0 SP2 - REFERENCE FOR WISE INSTALLATION STUDIO V1.0
- Symantec ALTIRIS REAL-TIME SYSTEM MANAGER 7.0 SP2 MR1
- SYMANTEC ALTIRIS ASSET MANAGEMENT SUITE 7.0 - V1.0
- SYMANTEC CMDB SOLUTION 7.0
- SYMANTEC ALTIRIS IT MANAGEMENT SUITE 7.0 MR1 - S V1.0
- SYMANTEC ALTIRIS IT MANAGEMENT SUITE 7.0 MR2 - S
- Symantec WISESCRIPT EDITOR 7.0.2
- SYMANTEC ALTIRIS DEPLOYMENT SOLUTION 7.1 - V1
- SYMANTEC DEPLOYMENT SOLUTION 7.1
- SYMANTEC GHOST IMAGING FOUNDATION 7.1 - V1.0
- Symantec 7120
Need help?
Do you have a question about the ALTIRIS OUT OF BAND MANAGEMENT COMPONENT 7.0 SP3 - IMPLEMENTATION GUIDE V1.0 and is the answer not in the manual?