Jump to content

Firewall Profile Modified Notification


chad.lemke
 Share

Recommended Posts

I keep on having a notification popup on clients. It says the firewall profile modified, see attached screenshot. I don't understand what is causing this. What could be causing it to keep popping up every 5 or so minutes? It is a test group that I have and have authentication networks activated. Currently it is set to verify the domain and DNS servers. It shows on Win8 and Win7 clients. I am using Endpoint Security 5 with ESET Remote Administrator. I have display only notifications that require user interaction enabled, and verbosity is set to informative. I can't sem to find where I can control this from the ERAS.

 

 

Thanks

post-4507-0-82243500-1410756411_thumb.png

Edited by chad.lemke
Link to comment
Share on other sites

  • Administrators

It means that you have multiple firewall profiles created and they are bound to certain network settings that change in time (e.g. DNS server, local IP, DHCP server, SSID, network adapter type, etc.). You can configure these settings in the zone authentication setup where you can specify which network settings will be used for zone authentication.

Link to comment
Share on other sites

I only have one firewall profile set on the Remote Administrator. It is attached in the screenshot (eraszones.png), and I only have it verifying against DNS servers, and the domain. I did notice on the client side it has a separate listing for DNS and it shows IPV6 (clientzones.png). Could that be causing the notifications for the profile change?

post-4507-0-32370400-1410805867_thumb.png

post-4507-0-99224400-1410805983_thumb.png

Link to comment
Share on other sites

  • Administrators

I see there are no IP addresses or subnets defined for "Onsite" zone. That means you most likely use this zone to apply certain firewall rules bound to "Onsite" firewall profile when the zone gets authenticated. Could you confirm? Maybe it'd make it clear if you explained the purpose of having "Onsite" zone and "Onsite" firewall profile created.

Link to comment
Share on other sites

Correct I have the Onsite zone for Authentication and then apply that to a firewall profile. I only want the firewall rule to apply when it is on our network (Onsite). Did I not set this correctly? See attached screenshot.

post-4507-0-83311900-1410892290_thumb.png

Link to comment
Share on other sites

  • Administrators

That's correct. What's happening is that the zone gets authenticated because all conditions specified in the Zone authentication tab are met which triggers the notification. Afterwards, all firewall rules bound to that profile will be applied.

Link to comment
Share on other sites

Does ESET authenticate at periodic intervals throughout the day? I get notifications around once an hour. Does disabling firewall notifications disable any notifications that would take place if a virus were detected?

Link to comment
Share on other sites

  • 3 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...