Windows Firewall: Domain: Logging: Log successful connectionsID: oval:org.secpod.oval:def:83583 | Date: (C)2022-09-02 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
Use this option to log when Windows Firewall with Advanced Security allows an inbound connection. The log records why and when the connection was formed. Look for entries with the word ALLOW in the action column of the log.
Counter Measure:
Configure this policy setting to Yes.
Potential Impact:
Information about successful connections will be recorded in the firewall log file
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security\Windows Firewall Properties\Domain Profile\Logging\Windows Firewall: Domain: Logging: Log successful connections
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging!LogSuccessfulConnections
Platform: |
Microsoft Windows Server 2016 |