Intel® In-Band Manageability
Overview
With today’s technology, IoT devices are scattered and distributed across the world. IoT devices could be embedded within sensors, cameras, microphones, and software used for the purpose of collecting data or exchanging data over the internet. Physically maintaining these IoT devices becomes a challenge, making it difficult to upgrade and monitor the devices.
Device Management to Any Cloud
Get support for over-the-air (OTA) administrative operations and edge IoT device management with Intel® In-Band Manageability and facilitate device-health monitoring and telemetry data publishing. This framework is modular and scalable across preferred cloud service providers.
Intel® In-Band Manageability Framework
Over-the-Air Updates
Update your entire edge fleet when your operating system is functional. This framework provides a mechanism to perform firmware over-the-air (FOTA) and software over-the-air (SOTA) updates for a single system or multiple systems across every work site.
Diagnostics
Monitor system health without sending a technician. Get health monitoring and rollback recovery capabilities on remote devices.
Flexibility
Connect to a device cloud of your choice. Use the built-in message queuing telemetry transport (MQTT) and transport layer security (TLS) stack as reference code so you can develop your own interface.
Security
Enable secure management traffic with Trusted Platform Module (TPM) 2.0 based key and secret management. This allows for secure MQTT with TLS, access control list (ACL), and complete end-to-end mutual authentication. You can also perform package signature verification.
Intel In-Band Manageability helps manage single devices and, using an extended feature, allows control over multiple nodes through an Intel® architecture host. This was developed as a solution for Intel® Movidius™ VPU products where one PCIe* card has multiple SoCs with their own firmware and operating system. The Intel In-Band Manageability framework includes a primary agent that runs on the Intel architecture host, which is connected to the PCIe card with multiple SoCs. Each node agent connects to the primary agent and reports back information about the node, like make or model, firmware version, and other telemetry updates.
Intel In-Band Manageability
- Connectivity to the cloud
- Provide platform firmware and operating system update capability via OTA
- Publish platform attributes and telemetry to the cloud
Extended Features
- Enable firmware and operating system updates on PCIe cards
- Manageability conduit between Intel architecture host and PCIe cards
- Allow remote management of individual nodes
Benefits
- A licensed manageability framework that can be integrated into an end-to-end manageability solution
- Source code provided for standardized, non-proprietary industry protocols
- Delivers a framework that can be extended into a scalable architecture
- Allows customers and partners to connect to any cloud of their choice
- Enables ease of integration into an end-to-end manageability solution
- Goes through Intel's exhaustive software quality assurance process
- Meets Intel's stringent quality and reliability requirements
- Adheres to open source licensing
Out of Band Manageability
Open Active Management Technology Cloud Toolkit (Open AMT Cloud Toolkit) provides open source, modular microservices and libraries for the integration of Intel® Active Management Technology (Intel® AMT). As an open source implementation, the toolkit makes it easier for IT departments and independent software vendors (ISVs) to adopt, integrate, and customize out-of-band management (OOB management) solutions for Intel vPro® Platforms.
Out of Band vs. In Band
Out of Band Manageability | In Band Manageability |
---|---|
Integrated, hardware-based, out-of-band remote device management enabling customers to remotely fix issues through power cycling the edge device | Reference solution for updating firmware and operating system remotely on IoT devices to keep deployed devices up-to-date with the latest software configuration |
Remote management on-premise or via the cloud using wired connectivity | Remote management on-premise or via the cloud using wired or wireless connectivity |
Operates independently of the host operating system and provides persistent connectivity | Communicates with devices using standard networking capability when the host operating system is operational |
Built below the operating system and has hardware and platform dependency | Built above the operating system |
Fixes system issues even when the operating system is down | Provides the capability to update firmware and software when the operating system is operational (only works in user space) |
Handles cloud-initiated commands: | Handles cloud-initiated over-the-air commands: |
FIDO* Device Onboard (FDO)
Intel® Secure Device Onboard (Intel® SDO) provides a fast and more secure way to onboard any device to any device management system. This proven method is in broad adoption by device management system vendors. To help set the unified standard for device provisioning, these use cases and protocols have been submitted to the FIDO* Alliance working group for IoT.