2 Replies Latest reply on Jul 8, 2009 4:55 AM by Javed Lodhi

    It's possible with System Defense?

    MaraS

      Hello all!

       

      I have a question and would like to know if you can help me...

       

      It's possible in the AMT system with the System Defense (or with any other component), isolate the machine from the network when you do not have anti-virus installed or the service stopped?

       

      Or for example when a User opens the msn?

       

      I heard that it could and would be great use in my business!

       

      Tks,

       

      Mara Silveira

        • 1. Re: It's possible with System Defense?
          Trevor.Sullivan

          Mara,

           

          In theory, yes, this could be possible, however I'm not aware of any current implementations of this type of functionality.

           

          The overall process would look something like this:

           

          1) AMT Watchdog component is configured to monitor for "antivirus.exe"

          2) When "antivirus.exe" terminates, a notification is sent to an event capturing server

          3) Based on this event, the server triggers a script that remotely enables a pre-configured network policy on the AMT device

           

          I haven't spent enough time trying to program around these APIs, so I don't have any specifics to share with you at this point. Hopefully one day I will though

           

          Hope this helps,

           

          Trevor Sullivan

          Systems Engineer

          OfficeMax Corporation

          • 2. Re: It's possible with System Defense?
            Javed Lodhi

            Hi Mara,

            Correct me if I am wrong but what I have understood so far from your query is that you want to disable services such as MSN and other services remotely on computers using ISDU (Intel System Defense Utility) meanwhile the PCs do not have antivirus program installed locally.

            If that is what you are looking for, Yes it does! ISDU does provision you to block/allow all or a few ports (custom) which means you can allow/block access to any application/service even MSN on PCs locally without having an antivirus installed. Moreover, it also provides you with a very basic firewall i.e. Apply and customize network policies to managed client PCs by applying basic filters such as No Ping, Anti-Spoofing, No Internet Access (Local Access Only), Block/Allow Limited Services.

            However ISDU is a very basic utility that is offered for free by Intel. You can also try Intel IT Director which also comes for free and is available for download at Intel's website which gives you more features. For an advanced level, we do have multiple options that you can try as an alternate but of course they are licensed.

            Hope this answers your question, however for any further information, feel free to contact us and we'll be glad to help.

            Thank you, have a great day!

            --

            Warm Regards,

            Javed Lodhi

            Intel Go Green, Save The Environment!