Windows Firewall Test
If the Windows firewall rules of the Active Directory server are changed – i.e., are added, modified, or removed – it can impact accesses to and from the server. This is why, it is important that such critical changes are tracked and vetted. For this purpose, administrators can take the help of the Windows Firewall test. This test brings Windows Firewall configuration changes to the immediate notice of administrators, reports what has changed, and also reveals who made the change. This enables administrators to rapidly isolate unauthorized / unnecessary changes. In addition, the test also captures and reports firewall rules that failed to load the group policy, so that administrators can troubleshoot the failure.
Target of the test : An Active Directory
Agent deploying the test : An internal agent
Outputs of the test : One set of results for every Active Directory site that is being monitored
| Parameters | Description |
|---|---|
|
Test period |
This indicates how often should the test be executed. |
|
Host |
The IP address of the machine where the Active Directory is installed. |
|
Port |
The port number through which the Active Directory communicates. The default port number is 389. |
|
DD Frequency |
Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD Frequency. |
|
Detailed Diagnosis |
To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:
|
| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
|
Firewall rule added |
Indicates the number of firewall rules that were added during the last measurement period. |
Number |
The detailed diagnosis of this measure reveals the firewall rules that were added and the user who added them. |
|
Firewall rule changed |
Indicates the number of firewall rules that were changed during the last measurement period. |
Number |
The detailed diagnosis of this measure reveals the firewall rules that were changed and who changed them. |
|
Firewall rule deleted |
Indicates the number of firewall rules that were deleted during the last measurement period. |
Number |
The detailed diagnosis of this measure reveals the firewall rules that were deleted and the user who deleted them. |
|
Firewall rule failed to load group policy |
Indicates the number of firewall rules that failed to load the group policy during the last measurement period. |
Number |
The detailed diagnosis of this measure reveals the firewall rules that failed to load the group policy. |
