chad.lemke 0 Posted September 15, 2014 Share Posted September 15, 2014 (edited) I keep on having a notification popup on clients. It says the firewall profile modified, see attached screenshot. I don't understand what is causing this. What could be causing it to keep popping up every 5 or so minutes? It is a test group that I have and have authentication networks activated. Currently it is set to verify the domain and DNS servers. It shows on Win8 and Win7 clients. I am using Endpoint Security 5 with ESET Remote Administrator. I have display only notifications that require user interaction enabled, and verbosity is set to informative. I can't sem to find where I can control this from the ERAS. Thanks Edited September 15, 2014 by chad.lemke Link to comment Share on other sites More sharing options...
Administrators Marcos 5,278 Posted September 15, 2014 Administrators Share Posted September 15, 2014 It means that you have multiple firewall profiles created and they are bound to certain network settings that change in time (e.g. DNS server, local IP, DHCP server, SSID, network adapter type, etc.). You can configure these settings in the zone authentication setup where you can specify which network settings will be used for zone authentication. Link to comment Share on other sites More sharing options...
chad.lemke 0 Posted September 15, 2014 Author Share Posted September 15, 2014 I only have one firewall profile set on the Remote Administrator. It is attached in the screenshot (eraszones.png), and I only have it verifying against DNS servers, and the domain. I did notice on the client side it has a separate listing for DNS and it shows IPV6 (clientzones.png). Could that be causing the notifications for the profile change? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,278 Posted September 16, 2014 Administrators Share Posted September 16, 2014 I see there are no IP addresses or subnets defined for "Onsite" zone. That means you most likely use this zone to apply certain firewall rules bound to "Onsite" firewall profile when the zone gets authenticated. Could you confirm? Maybe it'd make it clear if you explained the purpose of having "Onsite" zone and "Onsite" firewall profile created. Link to comment Share on other sites More sharing options...
chad.lemke 0 Posted September 16, 2014 Author Share Posted September 16, 2014 Correct I have the Onsite zone for Authentication and then apply that to a firewall profile. I only want the firewall rule to apply when it is on our network (Onsite). Did I not set this correctly? See attached screenshot. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,278 Posted September 17, 2014 Administrators Share Posted September 17, 2014 That's correct. What's happening is that the zone gets authenticated because all conditions specified in the Zone authentication tab are met which triggers the notification. Afterwards, all firewall rules bound to that profile will be applied. Link to comment Share on other sites More sharing options...
chad.lemke 0 Posted September 17, 2014 Author Share Posted September 17, 2014 Does ESET authenticate at periodic intervals throughout the day? I get notifications around once an hour. Does disabling firewall notifications disable any notifications that would take place if a virus were detected? Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 3, 2014 Share Posted October 3, 2014 The notifications your seeing aren't the regular VSD updates ? because those are by default every 60m. Link to comment Share on other sites More sharing options...
Recommended Posts