Class AMT_SystemDefensePolicy
Used in features: System Defense
& Heuristics
Compatible with the following Intel AMT Releases:
3.0, 3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElement
AMT_SystemDefensePolicy
class AMT_SystemDefensePolicy
- extends CIM_ManagedElement
General Information:
Describes a System Defense
Policy
Product Specific Usage:
Each System Defense policy in
the Intel AMT subsystem is represented by and instance of this
class
Qualifiers:
-------------
Version=6.0.0
Supported Fields
Summary |
string
|
ElementName A
user-friendly name for the object . . .
|
string
|
InstanceID Opaquely and uniquely identifies an instance of
this class.
|
string
|
PolicyName Policy
name.
|
uint32
|
PolicyPrecedence
In case multiple policies are being activated simultaneously,
the policy with the highest precedence value takes effect . . .
|
uint32
|
AntiSpoofingSupport
Anti Spoofing has the highest priority for blocking . .
.
|
uint32[62]
|
FilterCreationHandles A
list of Filter Creation Handles to be included in the Policy.
|
boolean
|
TxDefaultDrop
Specifies whether the TX packet should be dropped on filter
match.
|
boolean
|
TxDefaultMatchEvent
Specifies whether an Event should be created in the Event
Manager when this filter is matched . . .
|
boolean
|
TxDefaultCount
Specifies whether to count filter matches . . .
|
boolean
|
RxDefaultDrop
Specifies whether the RX packet should be dropped on filter
match.
|
boolean
|
RxDefaultMatchEvent
Specifies whether an Event should be created in the Event
Manager when this filter is matched . . .
|
boolean
|
RxDefaultCount
Specifies whether to count filter matches . .
.
|
Methods Summary |
uint32 |
GetTimeout(Timeout)
Get the timeout parameter.
|
uint32 |
SetTimeout(Timeout)
Set the timeout parameter.
|
uint32 |
UpdateStatistics(REF
NetworkInterface, ResetOnRead) Updates the statistics objects
with new data.
|
|
Create(Instance,
ResourceCreated) Creates a new instance of this class
|
|
Get(Instance) Gets the
representation of the instance
|
|
Delete() Deletes an
instance
|
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an
Enumerate operation
|
|
Enumerate()
Enumerates the instances of this class
|
|
Release(EnumerationContext)
Releases an enumeration context
|
ElementName
public string ElementName
- General Information:
A user-friendly name for the object. This
property allows each instance to define a user-friendly name in addition to
its key properties, identity data, and description information.
Note that
the Name property of ManagedSystemElement is also defined as a user-friendly
name. But, it is often subclassed to be a Key. It is not reasonable that the
same property can convey both identity and a user-friendly name, without
inconsistencies. Where Name exists and is not a Key (such as for instances of
LogicalDevice), the same information can be present in both the Name and
ElementName properties. Note that if there is an associated instance of
CIM_EnabledLogicalElementCapabilities, restrictions on this properties may
exist as defined in ElementNameMask and MaxElementNameLen properties defined
in that class.
Qualifiers:
-------------
MaxLen=40
InstanceID
public string InstanceID
- General Information:
Opaquely and uniquely identifies an
instance of this class.
Product Specific Usage:
In the format
'Intel(r) AMT:Handle:x', where x corresponds to the EOI policy
handle.
Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=40
PolicyName
public string PolicyName
- General Information:
Policy
name.
Qualifiers:
-------------
MaxLen=16
PolicyPrecedence
public uint32 PolicyPrecedence
- General Information:
In case multiple policies are being
activated simultaneously, the policy with the highest precedence value takes
effect. (Policies with the same precedence are chosen
arbitrarily).
Qualifiers:
-------------
Required
AntiSpoofingSupport
public uint32 AntiSpoofingSupport
- General Information:
Anti Spoofing has the highest priority for
blocking. Any packet that does NOT pass AS filter will not be transmitted even
if it passes other filters. Any packet that does pass the AS filter is subject
to the rest of the CB filters before it is transmitted.
Product
Specific Usage:
Release 6.0 added the Value Map value of 4: On without
Counting or
EventOnMatch.
Qualifiers:
-------------
ValueMap={0, 1, 2,
3, 4}
Values={Off, EventOnMatch, Count, Counting + EventOnMatch, On without
Counting or EventOnMatch}
FilterCreationHandles
public uint32[62] FilterCreationHandles
- General Information:
A list of Filter Creation Handles to be
included in the Policy.
TxDefaultDrop
public boolean TxDefaultDrop
- General Information:
Specifies whether the TX packet should be
dropped on filter
match.
Qualifiers:
-------------
Required
TxDefaultMatchEvent
public boolean TxDefaultMatchEvent
- General Information:
Specifies whether an Event should be
created in the Event Manager when this filter is matched. (The event will be
generated once and will be allowed again only after statistics are
read).
Qualifiers:
-------------
Required
TxDefaultCount
public boolean TxDefaultCount
- General Information:
Specifies whether to count filter matches.
(Specifying TRUE in this action will consume one extra counter from the
counter resources of the
Policy).
Qualifiers:
-------------
Required
RxDefaultDrop
public boolean RxDefaultDrop
- General Information:
Specifies whether the RX packet should be
dropped on filter
match.
Qualifiers:
-------------
Required
RxDefaultMatchEvent
public boolean RxDefaultMatchEvent
- General Information:
Specifies whether an Event should be
created in the Event Manager when this filter is matched. (The event will be
generated once and will be allowed again only after statistics are
read).
Qualifiers:
-------------
Required
RxDefaultCount
public boolean RxDefaultCount
- General Information:
Specifies whether to count filter matches.
(Specifying TRUE in this action will consume one extra counter from the
counter resources of the
Policy).
Qualifiers:
-------------
Required
GetTimeout
public uint32 GetTimeout([OUT]uint32 Timeout)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_CIRCUIT_BREAKER_REALM
General Information:
Get
the timeout parameter.
Product Specific Usage:
Returns the
timeout parameter for this policy. Timeout is measured in minutes, and 0 means
no timeout.
Additional Notes:
1) 'GetTimeout' method is supported
in Intel AMT Release 4.0 and later
releases.
Parameters:
--------------
- Timeout
- General Information:
The timeout of the policy (timeout is
measured in minutes, and 0 means no
timeout).
Qualifiers:
-------------
OUT
SetTimeout
public uint32 SetTimeout([IN]uint32 Timeout)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_CIRCUIT_BREAKER_REALM
General Information:
Set
the timeout parameter.
Product Specific Usage:
Additional
Notes:
1) 'SetTimeout' method is supported in Intel AMT Release 4.0 and
later releases.
Qualifiers:
-------------
ValueMap={0, 36,
38}
Values={PT_STATUS_SUCCESS, PT_STATUS_INVALID_PARAMETER,
PT_STATUS_FLASH_WRITE_LIMIT_EXCEEDED}
Parameters:
--------------
- Timeout
- General Information:
The timeout for the policy (measured in
minutes, and 0 means no
timeout).
Qualifiers:
-------------
Required
IN
ValueMap={0,
1..65535, 65536..}
Values={Infinite, Minutes for timeout,
Reserved}
UpdateStatistics
public uint32 UpdateStatistics([IN]REF CIM_EthernetPort NetworkInterface, [IN]boolean ResetOnRead)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_CIRCUIT_BREAKER_REALM
General
Information:
Updates the statistics objects with new
data.
Product Specific Usage:
Updates the
ActiveFilterStatistics associated with this policy, on the specified network
interface (received as an argument).
Fails if this policy is not
active on the
interface.
Qualifiers:
-------------
ValueMap={0, 1,
2}
Values={Success, Policy not active, Invalid
parameter}
Parameters:
--------------
- NetworkInterface
- General Information:
EPR to the CIM_EthernetPort object
representing the interface for which to update
statistics
Qualifiers:
-------------
Required
IN
- ResetOnRead
- General Information:
Causes statistics to be
resetted
Qualifiers:
-------------
Required
IN
Create
public Create([IN]AMT_SystemDefensePolicy Instance, [OUT] REF AMT_SystemDefensePolicy ResourceCreated)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_CIRCUIT_BREAKER_REALM
General
Information:
Creates a new instance of this class
Product
Specific Usage:
The following properties must be included in any
representation of AMT_SystemDefensePolicy:
InstanceID
PolicyPrecedence
TxDefaultDrop
TxDefaultMatchEvent
TxDefaultCount
RxDefaultDrop
RxDefaultMatchEvent
RxDefaultCount
API is blocked in client control mode
Get
public Get([OUT]AMT_SystemDefensePolicy Instance)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_CIRCUIT_BREAKER_REALM,
ADMIN_SECURITY_AGENT_PRESENCE_REMOTE_REALM,
ADMIN_SECURITY_AGENT_PRESENCE_LOCAL_REALM
General
Information:
Gets the representation of the instance
Delete
public Delete()
- Permission Information:
Permitted realms:
ADMIN_SECURITY_CIRCUIT_BREAKER_REALM
General
Information:
Deletes an instance
Pull
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
- Permission Information:
All users permitted to use method, only
instances to whom the user has permissions will be returned
General
Information:
Pulls instances of this class, following an Enumerate
operation
Enumerate
public Enumerate()
- Permission Information:
All users permitted to use
method
General Information:
Enumerates the instances of this
class
Release
public Release([IN]String EnumerationContext)
- Permission Information:
All users permitted to use
method
General Information:
Releases an enumeration
context