Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

How can I disable the firewall balloon notification only?

Created: 11 Feb 2013 | 5 comments

So currently our SEP implementation does not have the SEP Firewall enabled.  Also our Windows Firewall is not enabled.  Because neither of these are enabled I receive a pop-up message from the Action Center stating "Turn On Windows Firewall".  Now from what I've been reading it looks like there is a way through GPO to suppress all Action Center notifications but the question is if there is any way to suppress JUST the windows firewall notifications.  This has only started happening since we upgraded to SEP 12 and its causing confusion among our employees unforutnately.

Comments 5 CommentsJump to latest comment

.Brian's picture

Check this thread, might be a bug fixed in next release:

https://www-secure.symantec.com/connect/forums/121...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

Have a look here:

http://technet.microsoft.com/en-us/library/ee61716...

http://social.technet.microsoft.com/Forums/en-US/w...

 

User Configuration\Administrative Templates\Start Menu and Taskbar -> Remove the Action Center icon - will remove the Action Center icon and alongside of it all the possible notifications

 

From the second link -

DISABLE firewall notifications; [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101] "CheckSetting"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,\ 01,00,00,00,50,af,75,7c,db,bc,c9,47,b3,e8,09,5c,14,3a,93,83,00,00,00,00,02,\ 00,00,00,00,00,03,66,00,00,c0,00,00,00,10,00,00,00,8e,26,07,26,60,af,37,01,\ 0a,d0,c8,3d,01,6f,8f,27,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,a4,\ e2,62,ea,16,60,4c,43,d5,e2,52,ff,5e,71,79,53,28,00,00,00,fc,7e,90,bc,fe,b1,\ a6,cf,4e,47,6a,34,80,e6,92,86,7a,e5,22,d6,60,a3,89,e4,5b,07,2f,58,87,c1,98,\ 6c,f0,92,df,36,04,8b,70,cf,14,00,00,00,53,aa,30,5c,ca,fa,db,5f,0e,69,d1,30,\ 26,02,a2,ee,b9,1a,ed,25

ENABLE firewall notifications; [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101] "CheckSetting"=hex:23,00,41,00,43,00,42,00,6c,00,6f,00,62,00,00,00,00,00,00,00,\ 00,00,00,00,01,00,00,00,4c,00,00,00,48,17,00,00

...check the above links for details - not sure if this is 100% working - you would need to test.

 

SEP_FMI's picture

This is interesting.  I'm going to do a little work with the REG_BINARY you provided and see if it works across the board.

 

Thanks,

Mike

SEP_FMI's picture

So I tried what SebastianZ recommended and it worked.  But there is something within GPO that is rewriting the regkey and causing this key to be reverted back.  From the testing I did it appears to be related to the fact that within the Action Center the "Change Action Center settings" Network firewall check box stays checked.  So at some point it must go back and revert the regkey. 

 

I scoured the Microsoft forums and really at the moment it sounds like this is not an option.  So I'm not pursuing it any further.  Instead management has decided to go with enabling the SEP firewall and just leaving it on very loosely.  This should allow Microsoft to recognize that there is a firewall enabled in place even though it might not be doing much of anything.

SebastianZ's picture

HI SEP_FMI - thanks for the confirmation that this is indeed working ...to some point. Leaving SEP firewall enabled will definitely remove all Windows notifications regarding this - and you can set the SEP FW rules according to your needs as well.