As many of us know businesses are increasingly using Active Management Technology (AMT) to remotely control and manage their computer networks. In response to this increase in AMT technology some Certificate Authorities including Comodo have released new AMT SSL certificates that are designed specifically for the remote configuration of Intel vPro servers. These certificates although slightly more expensive than the traditional SSL certificate serve an important part during the redirection process that typically involves the transfer of usernames and passwords.
Intel strongly suggests that in order to prevent “sniffing of network passwords” redirection should always use a secure connection. If the device supports SSL protocol then the KVM proxy or application can establish a secure session with it before “opening SOL or IDE-R sessions”, therefore guaranteeing that all communication is secure. From a traditional stand point the Intel AMT device acts like the SSL server and the redirection library is the SSL client. However in addition to authenticating the SSL certificate, Intel AMT also provides an instrument for TLS mutual authentication (the Redirections Library will send its own SSL client certificate) that further improves the overall level of security.