Created
August 25, 2021 13:35
-
-
Save compwiz32/075f72918fd2755f72b23ff7a56ecdac to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Describe "Local Machine Health Check" { | |
$date = Get-Date | |
Context "Hardware Health Checks" { | |
It "C Drive has more than 1 GB free" { | |
$diskinfo = Get-CimInstance win32_volume | Where-Object { $_.driveletter -like 'c:' } | |
$DiskFreeSpace = $([math]::round((($diskinfo.FreeSpace)/1GB),0)) | |
$DiskFreeSpace | Should BeGreaterThan 1 | |
} | |
} | |
Context "OS Patch Status" { | |
It "Windows patches have been installed in last 60 days" { | |
$PatchList = Get-HotFix | Sort-Object Installedon -Descending | |
$LastInstallDate = $date - $PatchList[0].InstalledOn | |
$LastInstallDate.days | Should BeLessThan 60 | |
} | |
It "Client O/S is not pending reboot" { | |
$RebootPending = Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending" -ErrorAction Ignore | |
$RebootPending | Should be $null | |
} | |
It "Client O/S does not have a reboot required" { | |
$RebootRequired = gci 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired' -ErrorAction Ignore | |
$RebootRequired | Should be $null | |
} | |
It "Client O/S does not have pending file rename operations" { | |
$PendingFileRenameOperations = gci 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations' -ErrorAction Ignore | |
$PendingFileRenameOperations | Should be $null | |
} | |
} | |
Context "Windows Defender Status" { | |
$DefenderInfo = Get-MpComputerStatus | |
It "Antivirus is enabled" { | |
$DefenderInfo.AntivirusEnabled | Should Be "True" | |
} | |
It "AntiSpyware is enabled" { | |
$DefenderInfo.AntispywareEnabled | Should Be "True" | |
} | |
It "OnAccess Protection is enabled" { | |
$DefenderInfo.OnAccessProtectionEnabled | Should Be "True" | |
} | |
It "Realtime Protection is enabled" { | |
$DefenderInfo.RealTimeProtectionEnabled | Should Be "True" | |
} | |
It "Antivirus signature is less than than 4 days old" { | |
$AVSignatureDate = (Get-MpComputerStatus).AntivirusSignatureLastUpdated | |
$AntivirusSigDate = $date - $AVSignatureDate | |
$AntivirusSigDate.days | Should BeLessThan 5 | |
} | |
It "Antispyware signature is less than than 4 days old" { | |
$SpywareSignatureDate = (Get-MpComputerStatus).AntispywareSignatureLastUpdated | |
$AntiSpywareSigDate = $date - $SpywareSignatureDate | |
$AntiSpywareSigDate.days | Should BeLessThan 5 | |
} | |
} | |
Context "Network Connectivity" { | |
It "Client can reach home network gateway" { | |
$ActiveInterface = Get-NetAdapter | Where-Object { $_.status -eq 'up' -and $_.InterfaceDescription -NotLike "PANGP*" } | |
$HomeNetwork = Get-NetIPConfiguration -InterfaceIndex $activeInterface.ifindex | |
$Up = Test-Connection $($HomeNetwork.ipv4Defaultgateway.nexthop) -Count 2 -Quiet | |
$Up | Should Be "true" | |
# $count = (Get-Service | Where-Object { $_.status -eq 'running' } | Measure-Object).Count | |
# $count | Should -BeGreaterOrEqual "130" | |
} | |
It "Client can reach the internet" { | |
$online = Test-Connection google.com -tcpport 443 | |
$online | Should Be "True" | |
} | |
} | |
Context "Client VPN Client Status" { | |
It "Client VPN Service is running" { | |
$services = Get-Service -name "PanGPS" | |
$services.Status | Should Be "Running" | |
} | |
It "Client VPN adaptor is connected" { | |
$VPNAdaptor = Get-NetAdapter | Where-Object { $_.status -eq 'up' -and $_.InterfaceDescription -Like "PANGP*" } | |
$VPNAdaptor.Status | Should Be "Up" | |
} | |
It "VPN Concentrator is online" { | |
$AlignVPN = Test-Connection connect.aligntech.com -tcpport 443 | |
$AlignVPN | Should Be "True" | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment