Filter
Top Products
Intel® vPro™ and Intel® Centrino® Pro Processor Technology Quick Start Guide
31
• A UDP flood policy which will trigger SD if Intel AMT sees at least 20,000 UDP packets per second
and will monitor for a Denial-of-service attack.
• An SYN flood policy which will trigger SD if Intel AMT sees at least 20,000 IP packets per second
and will monitor for a Denial-of-service attack.
• A Kill All NICs policy which will stop all network traffic except for LANDesk management, Intel
AMT, DNS, and DHCP traffic, thus isolating the client system from the network except for system
management functions.
Note: In LANDesk 8.8 there is no GUI to create or modify System Defense filters or policies. Currently
all modifications have to be made to the XML pages used for System Defense.
Once SD triggers an alert, the alert is displayed in the LSM log. LANDesk and Intel AMT limit network
access by replacing the current client policy with the Kill All NICs policy when SD is triggered. The client
machine is also placed in the Remediation queue, which can be found in Configure | Intel vPro
Options | System Defense | Remediation. Once the machine is remediated, the Kill All NICs policy
is removed and the previous policy is re-applied. The administrator must manually perform the actual
remediation of removing the virus or spyware, or fixing whatever caused the SD to be triggered.
Congratulations! You are now on your way to more productively managing a powerful computer
system. This can improve your productivity and provide a valuable return on your investment.