Visible to Intel only — GUID: GUID-81DEBABE-1EB3-4F98-BA5B-1C32B91371BA
Integrating KVM feature into a Management Console
Intel AMT KVM is one of the most requested features that can be integrated into a management console.
As is typical of any Intel AMT Feature, the device must have the Intel AMT firmware configured to utilize the feature.
Here are the main steps to create a KVM connection:
- Verify the AMT KVM device settings
- Authenticate
- Make the AMT KVM connection
AMT KVM Device Settings
While the KVM remote control feature can be configured as a part of the Intel AMT configuration process, several of the feature parameters can also be configured at a later time.
It is a best practice to run a script or application to check and update the KVM status prior to making a KVM connection to the client. The settings required for Intel KVM to work are:
- The KVM redirection settings
- To inspect the KVM redirection settings, retrieve the instance of CIM_KVMRedirectionSAP and evaluate/set the following property:
- The Intel® Management Engine BIOS Extension (Intel® MEBx) settings
- To validate the Intel MEBx and port settings, retrieve the instance of IPS_KVMRedirectionSettingData and evaluate/set the following properties:
- The KVM redirection listener
- To validate the KVM redirection listener, retrieve the instance of AMT_RedirectionService and evaluate/set the following properties:
- AMT_RedirectionService.ListenerEnabled property = true
- To validate the KVM redirection listener, retrieve the instance of AMT_RedirectionService and evaluate/set the following properties:
Making the Connection
Making an Intel AMT KVM connection involves a management system utilizing an application to communicate over a wired or wireless network directly to the client's Intel AMT firmware management ports. The ports utilized will determine the type of VNC viewer that must be used.
There are two general types of applications that can be used by the management system: a web application run from a web browser or a VNC viewer.
- The HTTPS option, as utilized by the open source project Mesh Commander, has a web server to make the connection to the client and displays the results within a web page.
- The VNC viewer option comes in many flavors; however they all make connection on ports 5900, 16992–16995. See the article on the KVM feature for more details on the ports.
If you use a Management Console, please consider applying additional TLS when launching a viewer. For additional information on integrating a KVM application into a Console, see the Intel KVM Application Developers Guide
Network Considerations
The network connection for remotely accessing the Intel AMT device will be handled differently depending on whether the connection is within the local corporate network or going across open Internet connections (remote).
- Local connection. Because Intel AMT only communicates on the local wired or wireless networks, any properly configured device on the local network with a KVM viewer application can make a direct connection.
- Remote connection. Because Intel AMT only communicates on the local wired or wireless networks, access from outside the network requires the use of an Intel AMT KVM Proxy.
Additional Resources and Source Code Locations within the Intel AMT SDK
- Intel AMT SDK example Integrated Viewer Application and source code location: \Windows\Intel_AMT\Samples\KVM\KVMCustomTransportSample
- Example source code: \Windows\Intel_AMT\Src\KVM\KVMProxy\
- Example source code: \Linux\Intel_AMT\Src\KVM\KVMProxy\
- Example source code for proxy connection library: kvmlib.dll
Other Resources
- Host Based Setup and Configuration
- Setup and Configuration of Intel AMT
- How to Create an Intel AMT Discovery Solution
- How to Create an Intel AMT Remote Power Management Solution
- Intel AMT SDK Implementation and Reference Guide
- Enable/Disable KVM Interface
*No product or component can be absolutely secure.
Parent topic: KVM