Spacen said:
I am trying to determine the status of anti-virus products and firewalls
using WMI. I was hoping that the security centre istself had a WMI or is
the case that the firewall software itself have wmi providers but the
security centre must be quiried though a com interface?
Any pointer on this, I can't seem to find the information.
Hi,
If I run the script below on a computer that have the latest version
of Symantec Client Firewall (corporate edition) installed, I get this
output:
Company Name : Symantec Corporation
Display Name : Symantec Client Firewall
Enabled : True
enableUIParameters :
pathToEnableUI :
versionNumber : 8.6.0.80
On a WinXP SP2 computer with only the builtin firewall available,
I get nothing returned...
'--------------------8<----------------------
strComputer = "." 'Can set to remote machine.
Set oWMI = GetObject _
("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer _
& "\root\SecurityCenter")
Set colFirewall = objSWbemServices.ExecQuery _
("Select * From FirewallProduct")
For Each objFirewall In colFirewall
Wscript.Echo("Company Name : " & objFirewall.companyName)
Wscript.Echo("Display Name : " & objFirewall.displayName)
Wscript.Echo("Enabled : " & objFirewall.enabled)
Wscript.Echo("enableUIParameters : " & objFirewall.enableUIParameters)
Wscript.Echo("pathToEnableUI : " & objFirewall.pathToEnableUI)
wscript.Echo("versionNumber : " & objFirewall.versionNumber)
Next
'--------------------8<----------------------
The output of the script below when having Symantec's
SAV CE 9.0.3 installed:
companyName: Symantec Corporation
displayName: Symantec AntiVirus Corporate Edition
enableOnAccessUIMd5Hash:
enableOnAccessUIParameters:
instanceGuid: {FB06448E-52B8-493A-90F3-E43226D3305C}
onAccessScanningEnabled: True
pathToEnableOnAccessUI:
pathToUpdateUI:
productUptoDate: True
updateUIMd5Hash:
updateUIParameters:
versionNumber: 9.0.3.1000
'--------------------8<----------------------
strComputer = "." 'Can set to remote machine.
On Error Resume Next
Set oWMI = GetObject _
("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer _
& "\root\SecurityCenter")
Set colItems = oWMI.ExecQuery("Select * from AntiVirusProduct")
If Err = 0 Then
For Each objAntiVirusProduct In colItems
WScript.Echo "companyName: " & objAntiVirusProduct.companyName
WScript.Echo "displayName: " & objAntiVirusProduct.displayName
WScript.Echo "enableOnAccessUIMd5Hash: " _
& objAntiVirusProduct.enableOnAccessUIMd5Hash
WScript.Echo "enableOnAccessUIParameters: " _
& objAntiVirusProduct.enableOnAccessUIParameters
WScript.Echo "instanceGuid: " & objAntiVirusProduct.instanceGuid
WScript.Echo "onAccessScanningEnabled: " _
& objAntiVirusProduct.onAccessScanningEnabled
WScript.Echo "pathToEnableOnAccessUI: " _
& objAntiVirusProduct.pathToEnableOnAccessUI
WScript.Echo "pathToUpdateUI: " & objAntiVirusProduct.pathToUpdateUI
WScript.Echo "productUptoDate: " & objAntiVirusProduct.productUptoDate
WScript.Echo "updateUIMd5Hash: " & objAntiVirusProduct.updateUIMd5Hash
WScript.Echo "updateUIParameters: " _
& objAntiVirusProduct.updateUIParameters
WScript.Echo "versionNumber: " & objAntiVirusProduct.versionNumber
Next
Else
Err.Clear
WScript.Echo "Unable to connect to SecurityCenter class on " _
& strComputer & "."
WScript.Echo " Error Number:" & Err.Number
WScript.Echo " Source:" & Err.Source
WScript.Echo " Description:" & Err.Description
End If
'--------------------8<----------------------
