The following steps describe how to disable a System Defense policy.
1. Retrieve the instance of CIM_EthernetPort with the DeviceID of the interface whose System Defense Policy you wish to disable:
Key | Value |
• “Intel(r) AMT Ethernet Port 0” – wired port • “Intel(r) AMT Ethernet Port 1” – wireless port |
2. Retreive the instance of AMT_SystemDefensePolicy with the InstanceID that you want.
Note: |
The InstanceID is the ID of the System Defense policy you want to disable. |
3. Get the instance of AMT_NetworkPortSystemDefensePolicy, using the following keys:
Key | Value |
Antecedent | Use the EPR of the CIM_EthernetPort retrieved in step 1. |
Dependent | Use the EPR of the AMT_SystemDefensePolicy retrieved in step 2. |
4. Invoke Delete on the instance of AMT_NetworkPortSystemDefensePolicy returned in step 3.
Click here for a snippet demonstrating this step
You can execute this snippet by inserting it into the execution template found here.
# $systemDefensePolicyRef is an EPR to the AMT_SystemDefensePolicy object created by the 'Create System Defense Policy' use case.
$systemDefensePolicyInstance =$systemDefensePolicyRef.Get()
$instanceID =$systemDefensePolicyInstance.GetProperty("InstanceID")
# Create a reference to the CIM_EthernetPort instance, select the wired interface.
$ethernetPortRef =$wsmanConnectionObject.NewReference("SELECT * FROM CIM_EthernetPort WHERE DeviceID='Intel(r) AMT Ethernet Port 0'")
$networkPortSystemDefensePolicyRef =$wsmanConnectionObject.NewReference("AMT_NetworkPortSystemDefensePolicy")
$networkPortSystemDefensePolicyRef.AddSelector("Antecedent",$ethernetPortRef)
# Traverse to the AMT_NetworkPortSystemDefensePolicy instances that are connected to the CIM_EthernetPort instance.
foreach($networkPortSystemDefensePolicyItem in$networkPortSystemDefensePolicyRef.Enumerate("http://schemas.dmtf.org/wbem/wsman/1/wsman/SelectorFilter",$null))
{
# For each instance, check if it is associated to the AMT_SystemDefensePolicy instance.
if($networkPortSystemDefensePolicyItem.Object.GetProperty("Dependent").IsA("AMT_SystemDefensePolicy"))
{
# Get the AMT_SystemDefensePolicy object using its EPR.
$systemDefensePolicyInstance =$networkPortSystemDefensePolicyItem.Object.GetProperty("Dependent").Ref.Get()
if($systemDefensePolicyInstance.GetProperty("InstanceID") -like $instanceID)
{
$networkPortSystemDefensePolicyRef =$networkPortSystemDefensePolicyItem.Object.ToReference("Antecedent","Dependent")
$networkPortSystemDefensePolicyRef.Delete()
}
}
}
Instance Diagram
Not applicable
Classes Used in This Flow
SDK Sample
If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.
See Also: |
Copyright © 2006-2022, Intel Corporation. All rights reserved. |