3.2.5.3 Processing an SoHR

The following procedure describes how the SoHR is processed.

  1. Initialization:

    1. Set TLV-index to 1.

    2. If the value of the 'f' bit ([TNC-IF-TNCCSPBSoH]) is 1, set RemediationRequired to TRUE. Else set RemediationRequired to FALSE.

  2. If the TLV-Index value is larger than the number of TLVs in the SoHR, stop processing.

  3. If TLV-Index points to a health class ID TLV (that is, TLV_Type is set to 8), do the following:

    1. Store the value of the health class ID TLV in HealthClassId.

    2. Increment TLV-Index by 1.

    3. If TLV-Index is larger than the number of TLVs, stop processing.

    4. If TLV-Index does not point to a compliance result code TLV (that is, TLV_Type does not equal 4), go to step 4.

    5. For each ComplianceCode (up to two compliance codes) in the TLV, do the following:

      1. If ComplianceCode is equal to S_OK, do the following.

        HealthClassId

        Action

        Firewall (0)

        Call SendMessageToUI("Firewall is OK.").

        Antivirus (1)

        Call SendMessageToUI("Antivirus is OK.").

        Antispyware (2)

        Call SendMessageToUI("Antispyware is OK.").

        Automatic Updates (3)

        Call SendMessageToUI("Automatic updates feature is OK.").

        Security Updates (4)

        Call SendMessageToUI("No required software updates.").

      2. If ComplianceCode is equal to E_MSSHV_PRODUCT_NOT_ENABLED (0xC0FF0001), do the following.

        HealthClassId

        RemediationRequired == TRUE

        RemediationRequired == FALSE

        Firewall (0)

        Call the RemediateFirewall abstract interface (section 3.2.4.15).

        If successful, call SendMessageToUI("Firewall activation in progress."), else call SendMessageToUI("Firewall activation failed. Firewall should be activated by administrator.").

        Call SendMessageToUI("Firewall should be activated by administrator.").

        Antivirus (1)

        Call SendMessageToUI("Antivirus should be activated by administrator.").

        Antispyware (2)

        Call the RemediateAntispyware abstract interface (section 3.2.4.16) with the parameter set to TRUE.

        If successful, call SendMessageToUI("Antispyware activation in progress."), else call SendMessageToUI("Antispyware activation failed. Antispyware should be activated by administrator.").

        Call SendMessageToUI("Antispyware should be activated by administrator.").

        Automatic Updates (3)

        Call the RemediateAutomaticUpdates abstract interface (section 3.2.4.17).

        If successful, call SendMessageToUI("Automatic updates activation is in progress."), else call SendMessageToUI("Automatic updates activation failed. Automatic updates should be enabled by administrator.").

        Call SendMessageToUI("Automatic updates should be enabled by administrator.").

      3. If ComplianceCode is equal to E_MSSHAV_PRODUCT_NOT_INSTALLED (0xC0FF0002), do the following.

        HealthClassId

        Action

        Firewall (0)

        Call SendMessageToUI("Firewall is not installed.").

        Antivirus (1)

        Call SendMessageToUI("Antivirus is not installed.").

        Antispyware (2)

        Call SendMessageToUI("Antispyware is not installed.").

      4.  If ComplianceCode is equal to E_MSSHV_THIRD_PARTY_PRODUCT_NOT_ENABLED (0xC0FF0047), do the following.

        HealthClassId

        Action

        Firewall (0)

        Call SendMessageToUI("Third party firewall is not enabled.").

        Antivirus (1)

        Call SendMessageToUI("Third party antivirus is not enabled.").

        Antispyware (2)

        Call SendMessageToUI("Third party antispyware is not enabled.").

      5.  If ComplianceCode equals E_MSSHV_THIRD_PARTY_PRODUCT_NOT_UPTODATE (0xC0FF0048), do the following.

        HealthClassId

        Action

        Antivirus (1)

        Call SendMessageToUI("Third party antivirus is not up-to-date").

        Antispyware (2)

        Call SendMessageToUI("Third party spyware is not up-to-date").

      6. If ComplianceCode equals E_MSSHAV_WSC_SERVICE_DOWN (0xC0FF0003), do the following:

        1. If RemediationRequired equals TRUE, do the following:

          1. Call the StartWSCService abstract interface (section 3.2.4.18).

          2. If successful, call SendMessageToUI("Windows Security Center service is starting"), else call SendMessageToUI("Windows Security Center service failed to start. Windows Security Center service should be started by administrator.").

        2. If RemediationRequired equals FALSE, Call SendMessageToUI("Windows Security Center service should be started by administrator").

      7. If ComplianceCode equals E_MSSHV_PRODUCT_NOT_UPTODATE (0xC0FF0004), do the following:

        HealthClassId

        RemediationRequired == TRUE

        RemediationRequired == FALSE

        Antivirus (1)

        Call SendMessageToUI("Antivirus signatures should be updated by administrator").

        Antispyware (2)

        Call RemediateAntispyware abstract interface (section 3.2.4.16) with the parameter set to FALSE.

        If successful, call SendMessageToUI("Antispyware signatures update in progress"), else call SendMessageToUI("Antispyware signatures update failed. Antispyware signatures should be updated by administrator").

        Call SendMessageToUI("Antispyware signatures should be updated by administrator.").

      8. If ComplianceCode equals one of the following values, do the action as described in the following table.

        ComplianceCode

        RemediationRequired == TRUE

        RemediationRequired == FALSE

        E_MSSHAV_NO_CLIENT_ID (0xC0FF000D)

        Call the DoOnlineScan abstract interface (section 3.2.4.19).

        If successful, call SendMessageToUI("Windows is scanning for security updates."), else call SendMessageToUI("Windows failed to scan for security updates. An administrator must synchronize this computer with the Windows Server Update Services server.").

        Call SendMessageToUI("An administrator must synchronize this computer with the Windows Server Update Services server.").

        E_MSSHV_SYNC_AND_INSTALL_UPDATES (0xC0FF0007)

        Call the DoSecuritySoftwareUpdate abstract interface (section 3.2.4.20) with the parameter set to ComplianceCode2.

        If successful, call SendMessageToUI("Windows is installing the required security updates."), else call SendMessageToUI("Windows failed to install the required security updates. An administrator must install required security updates.").

        Call SendMessageToUI("An administrator must install required security updates.").

        E_MSSHAV_WSC_SERVICE_NOT_STARTED_SINCE_BOOT (0xC0FF0018)

        Call SendMessageToUI("Windows will update the security state of this computer automatically once the services have started.").

        Call SendMessageToUI("An administrator must update the security state of the system once system initialization is completed.").

        E_MSSHV_WUS_SHC_FAILURE (0xC0FF0012L)

        Call SendMessageToUI("The Network Policy Server was unable to validate the security update status of this computer.").

        E_MSSHAV_NO_WUS_SERVER (0xC0FF000C)

        Call SendMessageToUI("The Windows Update Agent on this computer is not configured to synchronize with a Windows Server Update Services server.").

        E_MSSHAV_UPDATES_INSTALLED_REQUIRE_REBOOT (0xC0FF0010)

        Call SendMessageToUI("Security updates have been installed and require this computer to be restarted.").

        E_MSSHAV_WUA_SERVICE_DISABLED (0xC0FF000E)

        Call SendMessageToUI("The Windows Update Agent startup is manual or disabled.").

        E_MSSHAV_WUA_SERVICE_NOT_STARTED_SINCE_BOOT (0x00FF0008)

        Call SendMessageToUI("The Windows Server Update Services has not started.").

        E_MSSHAV_WUA_COMM_FAILURE (0xC0FF000F)

        Call SendMessageToUI("The periodic scan of this computer for security updates failed.").

        E_MSSHAV_BAD_UPDATE_SOURCE_MU (0xC0FF004E)

        Call SendMessageToUI("An administrator must configure the Windows Update Agent service to receive updates from Microsoft Update.").

        E_MSSHAV_BAD_UPDATE_SOURCE_WUMU (0xC0FF004)

        Call SendMessageToUI("An administrator must configure the Windows Update Agent service to receive updates from Windows Update or Microsoft Update.").

        E_MSSHAV_BAD_UPDATE_SOURCE_MUWSUS (0xC0FF0050)

        Call SendMessageToUI("An administrator must configure the Windows Update Agent service to receive updates from Windows Server Update Services or Microsoft Update.").

        E_MSSHAV_NO_UPDATE_SOURCE (0xC0FF0051)

        Call SendMessageToUI("An administrator must configure the Windows Update Agent service.").

  4. Increment TLV-Index by 1.

  5. Go to step 2.