3 Replies Latest reply on Oct 27, 2008 3:29 PM by bxs

    Turn off firewall logging in HIPS

      We are in the process of deploying HIPS 7.0. Unfortunately, by default, the firewall portion of HIPS is logging all BLOCKED traffic on every client machine.

      I'd like to turn this off as it is not necessary to be running all of the time. I do not see any policies specific to this in ePO. Using regshot (before and after comparison of the registry) after unchecking the 'log all blocked traffic' it appears at the FireNetPrefs.txt file is being altered. I suspect this is where the setting is stored...however this file is not human-readable at all (despite the .txt extension).

      Has anyone had a similar quandry - if so, how did you solve? (p.s. manually turning this off on each machine is not an acceptable solution for 4000+ workstations).

      Thanks...