The following steps describe how to set an agent watchdog’s system defense policy.
1. Retrieve the instance of CIM_EthernetPort with the DeviceID property of the interface for which you want to set the System Defense Policy:
• “Intel(r) AMT Ethernet Port 0” – wired port
• “Intel(r) AMT Ethernet Port 1” – wireless port
2. Create an instance of AMT_AgentPresenceInterfacePolicy where:
• The AMT_AgentPresenceInterfacePolicy.Antecendant property is set to the EPR of the required CIM_EthernetPort instance
• The AMT_AgentPresenceInterfacePolicy.Dependent property is set to the EPR of the required AMT_SystemDefensepolicy instance.
Click here for a snippet demonstrating this step
You can execute this snippet by inserting it into the execution template found here.
$instanceID =# The ID of the System Defense policy you want to enable.
$systemDefensePolicyRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_SystemDefensePolicy WHERE InstanceID='" +$instanceID +"'")
# Get a reference to the wired ethernet port.
$ethernetPortRef =$wsmanConnectionObject.NewReference("SELECT * FROM CIM_EthernetPort WHERE DeviceID='Intel(r) AMT Ethernet Port 0'")
• This use case assumes that a system defense policy already exists. To create a system defense policy, see Create a System Defense Policy.
• To retrieve the system defense policy enabled by the Agent Presence service, see Get Active and Enabled Policies.
• If this flow is used to associate a System Defense policy to Agent Presence and a local agent already performed a transition to a state that enables a policy, this policy will be enabled immediately. If it has the highest priority among the enabled policies, this policy will become the active policy.
Classes Used in This Flow
If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.
Copyright © 2006-2022, Intel Corporation. All rights reserved.