1.9 Communication Hardware Policy Interface

The Communication Hardware Policy interface provides methods for getting and setting the enforcement for the policy-supported hardware types.

1.9.1 Data Types

Hardware Types:

firewire — IEEE1394 attached devices

irda — infrared attached devices

bluetooth — bluetooth attached devices

ports — serial or com ports

modem — modem and dialup adapters

wireless — wireless network adapters

wired — wired network adapters

bridge — network adapter bridges

any — any of the hardware types

Enforcement Types:

disable — Disable the setting and enforce immediately.

enable — Enable the setting and enforce immediately.

blockConnections — Block connections made by the device; typically applies to wireless network adapters and modems.

blockConnectionsWhenWired — Block connections made by the device only if there is a wired connection.

disableWhenWired — Disable the device when a wired connection is detected.

inherit — Immediately apply enforcement as defined by the current policy/location. Used to clear the script setting.

1.9.2 Enforced Policy Methods

The Enforced Policy methods provide information about whether or not the enforced policy has disabled a specific hardware type.

bool Query.IsHardwareDisabled(string hardwareType)

Description:

Determines if the enforcement for the specified hardware type is set to disabled.

Parameters:

hardwareType — One of the hardware types listed in Section 1.9.1, Data Types.

Returns:

True if the hardware type is disabled by the Endpoint Security Agent. False if the agent will allow the hardware type to be enabled and any hardware disabled by the agent should be re-enabled.

1.9.3 Hardware Enforcement Methods

The Hardware Enforcement methods get and set the enforcment for a specific hardware type.

string Query.GetHardwareEnforcement(string hardwareType)

Description:

Gets the effective enforcement for the specified hardware type.The effective enforcement is determined by resolving any conflicts between the policy enforcement type and the script enforcement type. The script enforcement type overrides the policy enforcement type; if the script enforcement type is inherit, the policy enforcement type is used.

Parameters:

hardwareType — One of the hardware types listed in Section 1.9.1, Data Types.

Returns:

One of the enforcement types listed in Section 1.9.1, Data Types.

string Query.GetHardwarePolicyEnforcement(string hardwareType)

Description:

Gets the enforcement, as set by the policy, for the specified hardware type.

Parameters:

hardwareType — One of the hardware types listed in Section 1.9.1, Data Types.

Returns:

One of the enforcement types listed in Section 1.9.1, Data Types.

string Query.GetHardwareScriptEnforcement(string hardwareType)

Description:

Gets the enforcement, as set by script, for the specified hardware type.

Parameters:

hardwareType — One of the hardware types listed in Section 1.9.1, Data Types.

Returns:

One of the enforcement types listed in Section 1.9.1, Data Types.

int Action.SetHardwareEnforcement(string hardwareType, string enforcement)

Description:

Sets the enforcement for a specific hardware type.

Parameters:

hardwareType — One of the hardware types listed in Section 1.9.1, Data Types.

enforcement — One of the enforcement types listed in Section 1.9.1, Data Types. These values override the effective policy for the hardware type. If the hardware type does not support the enforcement type (such as block, block_when_wired, or disable_when_wired), enforcement is set to disable.

1.9.4 Adapter Connection Methods

The Adaptor Connection methods provide information about whether a specific adapter type has any connections.

bool Query.IsAdapterTypeConnected(string adapterType)

Description:

Determines if a specific adapter has any connections.

Parameters:

adapterType — One of the following: wired, wireless, modem, any.

Returns:

True if an adapter of the requested type currently has a connection. False if there are no adapters of the requested type with a connection.

1.9.5 JScript Example

function DisplayHardwareEnforcement()
{
    Action.Trace("firewire: " + Query.GetHardwareEnforcement("firewire"));
    Action.Trace("wireless: " + Query.GetHardwareEnforcement("bridge"));
}
 
function SetHardwareEnforcement(enf)
{
    Action.Trace("firewire: " + Action.SetHardwareEnforcement("firewire", enf));
    Action.Trace("wireless: " + Action.SetHardwareEnforcement("wireless", enf));
}
 
function IsHardwareDisabled()
{
    Action.Trace("firewire: " + Query.IsHardwareDisabled("firewire"));
    Action.Trace("wireless: " + Query.IsHardwareDisabled("wireless"));
}
 
Action.Trace("");
Action.Trace("Adapter Type Connected:");
Action.Trace("\twireless: " + Query.IsAdapterTypeConnected("wireless"));
Action.Trace("\tany: " + Query.IsAdapterTypeConnected("any"));
Action.Trace("");
Action.Trace("GetHardwareEnforcement:");
DisplayHardwareEnforcement();
Action.Trace("");
Action.Trace("GetHardwarePolicyEnforcement:");
Action.Trace("firewire: " + Query.GetHardwarePolicyEnforcement("firewire"));
Action.Trace("wireless: " + Query.GetHardwarePolicyEnforcement("wireless"));
Action.Trace("");
Action.Trace("GetHardwareScriptEnforcement:");
Action.Trace("firewire: " + Query.GetHardwareScriptEnforcement("firewire"));
Action.Trace("wireless: " + Query.GetHardwareScriptEnforcement("wireless"));
Action.Trace("");
Action.Trace("GetHardwareEnforcement: DisableWhenWired");
DisplayHardwareEnforcement();
Action.Trace("");
Action.Sleep(1000);
 Action.Trace("IsHardwareDisabled: DisableWhenWired");
IsHardwareDisabled();
ret = Action.Prompt("Prompt", "Check for hardware disable when wired", "?", 0, "ok");
Action.Trace("");
Action.Trace("SetHardwareEnforcement: Inherit");
SetHardwareEnforcement("inherit");

1.9.6 VBScript Example

Function DisplayHardwareEnforcement()
    Action.Trace("firewire: " & Query.GetHardwareEnforcement("firewire"))
    Action.Trace("wireless: " & Query.GetHardwareEnforcement("wireless"))
 End Function
 
Function SetHardwareEnforcement(enf)
    Action.Trace("firewire: " & Action.SetHardwareEnforcement("firewire", enf))
    Action.Trace("wireless: " & Action.SetHardwareEnforcement("wireless", enf))
End Function
 
Function IsHardwareDisabled()
    Action.Trace("firewire: " & Query.IsHardwareDisabled("firewire"))
    Action.Trace("wireless: " & Query.IsHardwareDisabled("wireless"))
End Function

Action.Trace("")
Action.Trace("Adapter Type Connected:")
Action.Trace("wireless: " & Query.IsAdapterTypeConnected("wireless"))
Action.Trace("any: " & Query.IsAdapterTypeConnected("any"))
Action.Trace("")
Action.Trace("GetHardwareEnforcement:")
DisplayHardwareEnforcement()
Action.Trace("")
Action.Trace("GetHardwarePolicyEnforcement:")
Action.Trace("firewire: " & Query.GetHardwarePolicyEnforcement("firewire"))
Action.Trace("wireless: " & Query.GetHardwarePolicyEnforcement("wireless"))
Action.Trace("")
Action.Trace("GetHardwareScriptEnforcement:")
Action.Trace("firewire: " & Query.GetHardwareScriptEnforcement("firewire"))
Action.Trace("wireless: " & Query.GetHardwareScriptEnforcement("wireless"))
Action.Trace("")
Action.Trace("SetHardwareEnforcement: DisableWhenWired")
SetHardwareEnforcement("disable_when_wired")
Action.Trace("")
Action.Trace("GetHardwareEnforcement: DisableWhenWired")
DisplayHardwareEnforcement()
Action.Trace("")
Action.Sleep(1000)
 Action.Trace("IsHardwareDisabled: DisableWhenWired")
IsHardwareDisabled();
ret = Action.Prompt("Prompt", "Check for hardware disable when wired", "?", 0, "ok")
Action.Trace("SetHardwareEnforcement: Inherit")
SetHardwareEnforcement("inherit")