Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1741 Views 3 Replies Latest reply: Oct 27, 2008 3:29 PM by bxs RSS
Newcomer 49 posts since
Aug 27, 2008
Currently Being Moderated

Oct 24, 2008 11:49 AM

Turn off firewall logging in HIPS

We are in the process of deploying HIPS 7.0. Unfortunately, by default, the firewall portion of HIPS is logging all BLOCKED traffic on every client machine.

I'd like to turn this off as it is not necessary to be running all of the time. I do not see any policies specific to this in ePO. Using regshot (before and after comparison of the registry) after unchecking the 'log all blocked traffic' it appears at the FireNetPrefs.txt file is being altered. I suspect this is where the setting is stored...however this file is not human-readable at all (despite the .txt extension).

Has anyone had a similar quandry - if so, how did you solve? (p.s. manually turning this off on each machine is not an acceptable solution for 4000+ workstations).

Thanks...
  • Newcomer 229 posts since
    Oct 6, 2005
    Currently Being Moderated
    2. Oct 27, 2008 3:23 PM (in response to bxs)
    RE: Turn off firewall logging in HIPS
    The log only grows to 1 meg and then appends. The log is in plain text.
    The impact to log blocked traffic is so small it can't be measured.

    The only way to turn it off is to open the local UI and un-check it.

    -R-

More Like This

  • Retrieving data ...

Bookmarked By (0)