Intel AMT Features > System Defense > Use Cases > Query System Defense Capabilities of the Intel AMT
CollapseAll image

Query System Defense Capabilities of the Intel AMT

The following steps describe how to query the System Defense capabilities of the platform’s Intel AMT device.

1.  Retrieve the instance of AMT_GeneralSystemDefenseCapabilities, where the “InstanceID” key equals “Intel(r) AMT:Handle:1”.

2.  Examine the properties GlobalMaxSupportedPolicies and GlobalMaxSupportedFilters.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

$generalSystemDefenseCapabilitiesRef = $wsmanConnectionObject.NewReference("SELECT * FROM  AMT_GeneralSystemDefenseCapabilities WHERE InstanceID='Intel(r) AMT:Handle:1'")

$generalSystemDefenseCapabilitiesInstance = $generalSystemDefenseCapabilitiesRef.Get()

$globalMaxSupportedPolicies = $generalSystemDefenseCapabilitiesInstance.GetProperty("GlobalMaxSupportedPolicies")

$globalMaxSupportedFilters = $generalSystemDefenseCapabilitiesInstance.GetProperty("GlobalMaxSupportedFilters")

 

 

Perform the following steps to retrieve the capabilities per interface (wired or wireless):

3.  Create a reference to the instance of CIM_EthernetPort, where the DeviceID is one of the following:

Key

Value

DeviceID

     “Intel(r) AMT Ethernet Port 0” – wired port

     “Intel(r) AMT Ethernet Port 1” – wireless port

4.  Use the created reference as a selector to enumerate CIM_ElementCapabilities.

5.  Examine the list returned by the Enumerate method and search for instances where the value of the Capabilities property is AMT_NetworkPortSystemDefenseCapabilities.

Perform the following steps for each of the instances you find.

6.  Invoke AMT_NetworkPortSystemDefenseCapabilities.Get using the EPR stored in the Capabilities property of CIM_ElementCapabilities.

7.  Examine the relevant properties in the object, for example:

a.   IPv4_MaxTxFilters

b.   IPv4_MaxTxCounters

c.    IPv4_AntiSpoofingCapable

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

# Create a reference to the CIM_EthernetPort instance, select the wired interface.

$ethernetPortRef = $wsmanConnectionObject.NewReference("SELECT * FROM CIM_EthernetPort WHERE DeviceID='Intel(r) AMT Ethernet Port 0'")

$elementCapabilitiesRef = $wsmanConnectionObject.NewReference("CIM_ElementCapabilities")

$elementCapabilitiesRef.AddSelector("ManagedElement", $ethernetPortRef)

# Traverse to the CIM_ElementCapabilities instances that are connected to the CIM_EthernetPort instance.

foreach($elementCapabilitiesItem in $elementCapabilitiesRef.Enumerate("http://schemas.dmtf.org/wbem/wsman/1/wsman/SelectorFilter", $null))

{

    # For each instance, check if it is associated to the AMT_NetworkPortSystemDefenseCapabilities instance.

if($elementCapabilitiesItem.Object.GetProperty("Capabilities").IsA("AMT_NetworkPortSystemDefenseCapabilities"))

    {

          # Get the AMT_NetworkPortSystemDefenseCapabilities object using its EPR.

          $networkPortSystemDefenseCapabilitiesInstance = $elementCapabilitiesItem.Object.GetProperty("Capabilities").Ref.Get()

          # Example of one of the values in AMT_NetworkPortSystemDefenseCapabilities.

          $ipv4_MaxRxFilters = $networkPortSystemDefenseCapabilitiesInstance.GetProperty("IPv4_MaxRxFilters")

    }

}

 

 

Instance Diagram

Not applicable

Classes Used in This Flow

SDK Sample

Located at:<AMT SDK>\Windows\Intel_AMT\Samples\WS-Management\SystemDefense

 

See Also:

   Network Isolation

   System Defense Policies

   Heuristic Policies

   System Defense Filter Types

   Processing Network Packets with System Defense

   Networking Packet Structures

Copyright © 2006-2013, Intel Corporation. All rights reserved.