[walterbell]

If AMT provides remote management of devices that are turned off, what program provides authentication of remote management requests when the OS is powered off? Has that interface been audited for authentication vulnerabilities?

If there is an OS-independent, network-accessible AMT management service, when would an admin need to switch from that service to the Windows-hosted web interface? Why can't all AMT operations be performed without an OS?

[mjg59]

There is no Windows-hosted web interface, the web interface is provided by AMT. LMS is for accessing AMT from the local machine (AMT is listening to the network hardware, so trying to connect to the web UI locally won't work - the OS will shortcut the network hardware)