Intel AMT Features > System Defense > Use Cases > Get the Default System Defense Policy
CollapseAll image

Get the Default System Defense Policy

 Note:

Default System Defense policies are available from Intel AMT release 4.x

The following steps describe how to get the default System Defense policy for an interface.

1.  Recover an EPR for an instance of CIM_EthernetPort for one of the valid DeviceID values:

Key

Value

DeviceID

     “Intel(r) AMT Ethernet Port 0” – wired port

     “Intel(r) AMT Ethernet Port 1” – wireless port

2.  Traverse AMT_NetworkPortDefaultSystemDefensePolicy, retrieving instances where the “Antecedent” property equals the selected CIM_EthernetPort EPR.

3.  For each instance of AMT_NetworkPortDefaultSystemDefensePolicy, examine the “Dependent” property to verify that it refers to an instance of AMT_SystemDefensePolicy.

4.  Perform AMT_SystemDefensePolicy.Get on this instance.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

# Create a reference to the CIM_EthernetPort instance, select the wired interface.

$ethernetPortRef =$wsmanConnectionObject.NewReference("SELECT * FROM CIM_EthernetPort WHERE DeviceID='Intel(r) AMT Ethernet Port 0'")

$networkPortDefaultSystemDefensePolicyRef =$wsmanConnectionObject.NewReference("AMT_NetworkPortDefaultSystemDefensePolicy")

$networkPortDefaultSystemDefensePolicyRef.AddSelector("Antecedent",$ethernetPortRef)

# Traverse to the AMT_NetworkPortDefaultSystemDefensePolicy instances that are connected to the CIM_EthernetPort instance.

foreach($networkPortDefaultSystemDefensePolicyItem in$networkPortDefaultSystemDefensePolicyRef.Enumerate("http://schemas.dmtf.org/wbem/wsman/1/wsman/SelectorFilter",$null))

{

    # For each instance, check if it is associated to the AMT_SystemDefensePolicy instance.

if($networkPortDefaultSystemDefensePolicyItem.Object.GetProperty("Dependent").IsA("AMT_SystemDefensePolicy"))

    {

          # Get the AMT_SystemDefensePolicy object using its EPR.

          $systemDefensePolicyInstance =$networkPortDefaultSystemDefensePolicyItem.Object.GetProperty("Dependent").Ref.Get()

          break

    }

}

 

 

Instance Diagram

Not applicable

Classes Used in This Flow

SDK Sample

If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.

 

See Also:

   Network Isolation

   System Defense Policies

   Heuristic Policies

   System Defense Filter Types

   Processing Network Packets with System Defense

   Networking Packet Structures

Copyright © 2006-2022, Intel Corporation. All rights reserved.