Hi blablub44,
I'll do my best to answer your questions, hopefully reducing confusion:
My main source of confusion comes from the configuration option "Enable 802.1X for AMT even if host is not authorized for 802.1X" in the advanced wired 802.1X settings. How is that detected? How will AMT behave? What exactly does authorized mean in this context?
The best answer I have is at this link:
Intel(R) AMT SDK Implementation and Reference Guide
What is the purpose of this periodical AMT-based 802.1X login?
If the operating system is down, AMT still needs to be able to make a connection and needs the ability to be authorized.
Do I have to be lucky as an Admin to connect to the device just in the right moment or tell my customer to turn their device off to properly administrate it?
No, this setting can be changed under the advanced wired 802.1x settings:
And finally, is there any option I missed, that would allow the Host OS to freely use an unlocked network connection once AMT has dealt with the 802.1X authentication?
No, there is no option for this.
Regards,
Michael