Intel AMT Features > System Defense > Use Cases > Enable a System Defense Policy
CollapseAll image

Enable a System Defense Policy

The following steps describe how to enable a System Defense policy.

1.  Retrieve the instance of CIM_EthernetPort with the DeviceID of the interface for which you want to enable the System Defense Policy:

Key

Value

DeviceID

     “Intel(r) AMT Ethernet Port 0” – wired port

     “Intel(r) AMT Ethernet Port 1” – wireless port

2.  Retrieve the instance of AMT_SystemDefensePolicy with the InstanceID that you want.

 Note:

The InstanceID is the ID of the System Defense policy you want to enable.

3.  Create an instance of AMT_NetworkPortSystemDefensePolicy, with the following keys:

Key

Value

Antecedent

Use the EPR of the CIM_EthernetPort instance retrieved in step 1.

Dependent

Use the EPR of the AMT_SystemDefensePolicy instance retrieved in step 2.

Click here for a snippet demonstrating this step

This snippet depends on the results of previous snippets: You need to create a policy before trying to enable it.

You can execute this snippet by inserting it into the execution template found here.

  

# Select the wired interface.

$ethernetPortRef =$wsmanConnectionObject.NewReference("SELECT * FROM CIM_EthernetPort WHERE DeviceID='Intel(r) AMT Ethernet Port 0'")

$networkPortSystemDefensePolicyInstance =$wsmanConnectionObject.NewInstance("AMT_NetworkPortSystemDefensePolicy")

$networkPortSystemDefensePolicyInstance.SetProperty("Antecedent",$ethernetPortRef)

# $systemDefensePolicyRef is an EPR to the AMT_SystemDefensePolicy object created by the 'Create System Defense Policy' use case.

$networkPortSystemDefensePolicyInstance.SetProperty("Dependent",$systemDefensePolicyRef)

$networkPortSystemDefensePolicyRef =$networkPortSystemDefensePolicyInstance.Create()

 

 

 

Instance Diagram

Not applicable

Classes Used in This Flow

SDK Sample

If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.

 

See Also:

   Network Isolation

   System Defense Policies

   Heuristic Policies

   System Defense Filter Types

   Processing Network Packets with System Defense

   Networking Packet Structures

Copyright © 2006-2022, Intel Corporation. All rights reserved.