Intel AMT Features > System Defense > Use Cases > Disable a System Defense Policy
CollapseAll image

Disable a System Defense Policy

The following steps describe how to disable a System Defense policy.

1.  Retrieve the instance of CIM_EthernetPort with the DeviceID of the interface whose System Defense Policy you wish to disable:

Key

Value

DeviceID

     “Intel(r) AMT Ethernet Port 0” – wired port

     “Intel(r) AMT Ethernet Port 1” – wireless port

2.  Retreive the instance of AMT_SystemDefensePolicy with the InstanceID that you want.

 Note:

The InstanceID is the ID of the System Defense policy you want to disable.

3.  Get the instance of AMT_NetworkPortSystemDefensePolicy, using the following keys:

Key

Value

Antecedent

Use the EPR of the CIM_EthernetPort retrieved in step 1.

Dependent

Use the EPR of the AMT_SystemDefensePolicy retrieved in step 2.

 

4.  Invoke Delete on the instance of AMT_NetworkPortSystemDefensePolicy returned in step 3.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

# $systemDefensePolicyRef is an EPR to the AMT_SystemDefensePolicy object created by the 'Create System Defense Policy' use case.

$systemDefensePolicyInstance =$systemDefensePolicyRef.Get()

$instanceID =$systemDefensePolicyInstance.GetProperty("InstanceID")

# Create a reference to the CIM_EthernetPort instance, select the wired interface.

$ethernetPortRef =$wsmanConnectionObject.NewReference("SELECT * FROM CIM_EthernetPort WHERE DeviceID='Intel(r) AMT Ethernet Port 0'")

$networkPortSystemDefensePolicyRef =$wsmanConnectionObject.NewReference("AMT_NetworkPortSystemDefensePolicy")

$networkPortSystemDefensePolicyRef.AddSelector("Antecedent",$ethernetPortRef)

# Traverse to the AMT_NetworkPortSystemDefensePolicy instances that are connected to the CIM_EthernetPort instance.

foreach($networkPortSystemDefensePolicyItem in$networkPortSystemDefensePolicyRef.Enumerate("http://schemas.dmtf.org/wbem/wsman/1/wsman/SelectorFilter",$null))

{

    # For each instance, check if it is associated to the AMT_SystemDefensePolicy instance.

if($networkPortSystemDefensePolicyItem.Object.GetProperty("Dependent").IsA("AMT_SystemDefensePolicy"))

    {

          # Get the AMT_SystemDefensePolicy object using its EPR.

          $systemDefensePolicyInstance =$networkPortSystemDefensePolicyItem.Object.GetProperty("Dependent").Ref.Get()

          if($systemDefensePolicyInstance.GetProperty("InstanceID") -like $instanceID)

          {

                $networkPortSystemDefensePolicyRef =$networkPortSystemDefensePolicyItem.Object.ToReference("Antecedent","Dependent")

                $networkPortSystemDefensePolicyRef.Delete()

          }

    }

}

 

 

Instance Diagram

Not applicable

Classes Used in This Flow

SDK Sample

If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.

 

See Also:

   Network Isolation

   System Defense Policies

   Heuristic Policies

   System Defense Filter Types

   Processing Network Packets with System Defense

   Networking Packet Structures

Copyright © 2006-2022, Intel Corporation. All rights reserved.