Compaq 8100 vPro Setup and Configuration for the 8100 Elite Business PC with I - Page 35

26) When power is reapplied to the system, it will immediately look for a Setup and Configuration Server. If one is found, the AMT system will send a "Hello" message to the server. DHCP and DNS must be available for the Setup and Configuration Server search to automatically succeed. If DHCP and DNS are not available, then the Setup and Configuration Server's IP address must be manually entered into the AMT system's MEBx. The "Hello" message will contain the following information: • PID • UUID (Universally Unique Identifier) • IP address • ROM and FW version numbers The "Hello" message is transparent to the end-user. There is no feedback mechanism to tell the user the "Hello" message is being broadcast. 27) The Setup and Configuration Server will use the information in the "Hello" message to initiates a Transport Layer Security (TLS) connection to the AMT system using TLS Pre-Shared-Key (PSK) cipher suite if TLS is supported. 28) The Setup and Configuration server uses the PID to lookup PPS in provisioning server database and uses the PPS and PID to generate TLS Pre-Master Secret. TLS is optional. For secure and encrypted transactions, TLS should be used if the infrastructure is available. If TLS is not used, then HTTP Digest will be used for mutual authentication. It is not as secure as TLS. 29) Setup and Configuration Server logs into AMT system with the username and password, and provisions all required data items: a. New PPS and PID (for future Setup and Configuration) b. TLS certificates c. Private keys d. Current date and time e. HTTP Digest credentials f. HTTP Negotiate credentials Other options can be set depending on S&CS implementation. 30) The system goes from In-Setup phase to Operational phase. AMT is fully operational. Once in the Operational phase, the system can be remotely managed and can be provided to the end-user for regular use. 35