5 Replies Latest reply on Mar 2, 2015 10:01 AM by Kary Tankink

    HIPs 8 - Disabling of Firewall - Log


      Had a question related to end users disabling the firewall through the McAfee end point agent. We have set to refresh every 15 min and in talks about hiding that feature in the end point agent. My question is related to logging that activity of an end user disabling the firewall. Is it logged somewhere locally on the machine or to ePO? I have looked at the event logs on a machine that I am testing and did not see any generated events for that actions


      I know that I can generate a report in ePO pulling from the system all end points that have the firewall disabled but that report is only valid from the last end point agent check in. So I would manually have to pull one of the end points from the report and manually send it a wake up call to get the latest information from the that end point.