We have too much firewall-blocked UDP traffic almost every second from different sources such as DHCP traffic, ICMPv6, and multicast. Does this have an effect on the hard disk? Does it harm the hard disk? Does it write the blocked traffic to the hard disk every second?
This is one example
Ever got an answer or any luck with this?
Also trying (without much success) to block and *NOT LOG* this traffic, and other network-discovery-related ports, which I don't think have any "added value" on an enterprise network.
We don't want to log any of this blocked traffic, as we are always getting calls when people get anything red and think this must be related to their problems....
These are the ports related to Network Discovery, as per the TechNet blog, that I am trying to block and not log. My rule triggers, but even though I select to NOT log, it seems it logs anyway.
This HIPS Activity log data is being written to the EVENT.LOG file; it should have no effect on the hard disk (it's normal log writing).
You cannot force Firewall traffic to NOT be logged to the Activity log, unless you disable the LOG ALL BLOCKED/ALLOWED traffic filter option in the HIPS ClientUI Activity log menu. This will cause all blocked/allowed traffic to NOT be written to the Activity log, unless you have the LOG MATCHING TRAFFIC option in a firewall rule.
The LOG MATCHING TRAFFIC option in the Firewall rule will only force logging ON for network traffic matching the rule, in the event that the LOG ALL BLOCKED/ALLOWED traffic filters are disabled (these options are configurable by any user; not ePO policy-configurable).
Leaving the LOG MATCHING TRAFFIC option off does not force logging OFF for the network traffic matching the rule (it can still be shown in the Activity log if LOG ALL BLOCKED/ALLOWED is enabled).