Factory
•
In-Setup
•
Operational
•
The Factory phase is the initial stage. The system has been built from the factory. No AMT Setup and
Configuration has been done. The only way to access AMT in Factory phase is through the MEBx.
This phase will end for SMB mode systems once the default password has been changed. Enterprise
mode systems also require the Provisioning ID (PID) and Provisioning Passphrase (PPS) to be set. More
details on passwords, PIDs, and PPS in later sections.
The In-Setup phase is the next stage where most AMT options are set. This can be a manual
procedure or an automated one with a Setup and Configuration Server.
The Operational phase is the final stage. AMT is fully Setup and Configured in the system and ready
for normal use.
SMB Mode – AMT Setup and Configuration with MEBx
SMB mode is for customers who do not have ISV management consoles, or the necessary network
and security infrastructures to use encrypted Transport Layer Security (TLS). SMB mode AMT Setup
and Configuration is a manual process done through the Intel ME BIOS Extension (MEBx).
SMB mode is the easiest to implement since it does not require much infrastructure, but it is the least
secure since no network traffic is encrypted. HP recommends that this be done in a closed network.
Important Note: The MEBx is an option ROM module that is provided to HP by Intel to be included in
the HP system BIOS. The MEBx is not HP-specific and contains options that are not used by HP. If an
option is not used by HP, ignore it and do not modify from its default state.
Password Guidelines
MEBx passwords must meet the minimum criteria to be accepted. These restrictions are enforced by
the MEBx to reduce vulnerability of passwords to a dictionary attack.
Criteria:
Password must be between 8 and 32 characters long.
•
•
Password must contain both upper and lower case Latin characters (e.g. A, a, B, b).
Password must have at least one digit character (e.g. 0, 1, 2, ... 9).
•
Password must have at least one 7-bit ASCII non-alphanumeric character with an ASCII value
•
between 33d and 126d that is not part of the invalid character list below.
Some examples:
Exclamation
o
At
o
Number
o
Dollar
o
Percent
o
Caret
o
Asterisk
o
The underscore '_' is considered alpha-numeric.
An example of an acceptable password would be P@ssw0rd
!
@
#
$
%
^
*
3