Creating System Filters

Supported Intel AMT Features > System Defense > Using the System Defense API > Creating and Applying System Defense Policies > Creating System Filters

Creating System Filters

How system filters (“Else” and “Anti-spoofing”) are created by the HLAPI depends on which of the overloaded Policy constructor options you implement:

• Policy Constructor #1 – The “Else” filters are created with false values and anti-spoofing is not enabled. Note that the “Else” filters are always created even if they are not used.

• Policy Constructor #2 – Creates system filters according to settings you define.

(These constructors are used in step #3 of Creating and Applying System Defense Policies.)

The “Else” filters are represented by instances of the PolicyFilter class (one for each direction) using these properties:

• DefaultCount

• DefaultDrop

• DefaultMatchEvent

• DefaultPolicyFilter – This property defines that “Else” filters will not be used (all values of the other PolicyFilter properties are set to false).

The Anti-spoofing filter is defined in the antiSpoofingSupport property of the policy (see AntiSpoofingSupport).

Examples

These C# examples show how to create the system filters.

Creating “Else” and “Anti-spoofing” filters

//Define the “Else” filters

PolicyFilter TxFilter = newPolicyFilter(true, true, true);

PolicyFilter RxFilter = newPolicyFilter(true, false, false);

//Create the Policy with the “Else” filters and an “Anti-spoofing” filter

Policy policy2 = newPolicy("myPolicy2", 5, 300, filtersCollection,

TxFilter, RxFilter, AntiSpoofingSupport.Count);

Creating the “Anti-spoofing” filter without “Else” filters

Policy policy2 = newPolicy("myPolicy2", 8, 0, filtersCollection,

PolicyFilter.DefaultPolicyFilter,PolicyFilter.DefaultPolicyFilter,

AntiSpoofingSupport.Count);