Embedded in hardware, Intel® vPro™ technology capabilities are accessed and administered separate from the hard drive, OS, and software applications – in a pre-boot environment. This makes management possible even when there are issues affecting these areas and allows remote access to the PC regardless of the system’s power state or OS condition. With KDPM IT administrators can enable and configure vPro chip directly from Kaseya.
Detection and Enablement
KDPM can directly scan and automatically detect the vPro capabilities on machines using the Kaseya Agent. Once scanned, machines can then be selected and enabled remotely through the Agent. This saves manual intervention on each machine to enable vPro through the BIOS. Avoiding these machine-side visits can represent a significant time saving.
Proxy and Certificate
How do you remotely connect to a machine that’s offline? This is a fundamental challenge in Out-of-Band management. KDPM solves this by allowing any Agent on a LAN to act as a ‘Proxy’ for vPro connections to remote sites.
As well as acting as a Proxy, the nominated machine can also be set up as a Certificate Server and be enabled in KDPM to hand out certificates to vPro clients. This allows central management of authentication, removing the need to set individual passwords on machines to connect to vPro sessions. Once set, simply click on a machine in the KDPM GUI and be directly connected, no user interaction required.
Power Management
Using a combination of Intel vPro and Kaseya technology KDPM offers a broad array of power management options, including ‘hard’ power options, which will in effect ‘pull the plug’ on a machine allowing you to reset even completely frozen machines, avoiding costly machine side visits.
AMT Functions
Intel® AMT™ is part of the Intel Management Engine, which is built into PCs with Intel vPro technology. Like the other vPro functions these are all available Out of Band. In this release KDPM supports the following AMT management options.
- Boot to BIOS – Reboot the machine into BIOS mode and remotely edit the BIOS
- Boot from ISO – Reboot the machine and connect to an ISO image to boot the machine from
- Connect to unresponsive Machine with KVM – start a remote console session to a machine even if the OS has hung allowing diagnosis
Policy Enforcement
KDPM Policy Enforcement gives control over all the critical settings you need for business wide Desktop Policy enforcement. You can quickly and easily create a corporate standard from a ‘Golden Machine’ using a simple to follow wizard and then enforce those core system and application settings across all your Windows Desktops*. Separate Policy’s can also be set by group for items that vary across the organization such as drive and printer mappings.
Security related policy items allow enforcement of data protection standards by stopping files from being removed from machines via USB or Optical Drive and allowing central control over Windows Defender and Action Center.
Desktop Standard
Automatically create a policy from a machine that incorporates accessibility, appearance, keyboard and sounds, as well as core productivity application settings such as Office and Internet Explorer
Power Settings
Conform to organizational standards while contributing to energy conservation. Create and deploy central power control policies for all end points.
Security Settings
Create and deploy policies for USB and optical data access and other important windows security settings such as Windows Defender and Action Center.
