Windows Windows Firewall
If client workstations are taking advantage of the built-in host-based Windows Firewall, then there is value in collecting events to track the firewall status. For example, if the firewall state changes from on to off, then that log should be collected. Normal users should not be modifying the firewall rules of their local machine. The below events for the listed versions of the Windows operating system are only applicable to modifications of the local firewall settings.
Related Solution
AIS Managed SIEM
Explore our Solutions
Organizations are constantly faced with the challenge of adopting new technologies while safeguarding against potential security threats. The need for robust IT solutions has never been more pressing.

AIS Labs
AIS offers a variety of technology solutions leveraging enterprise open-source software, developed and maintained by AIS engineers. These include AIS Managed Firewall, NMS, SIEM, and VoIP.