Video Screencast Help

that problem is this?

Created: 05 Oct 2012 | 4 comments
I wonder what this message is and where I can get information. or if you can help me solve this notice so you will not continue to display the user

Comments 4 CommentsJump to latest comment

Mithun Sanghavi's picture


Looks like a Network Application Monitoring message.

Check if - 

Clients > Policies > Location-independant Policies and Settings: Network Application Monitoring > Enable network application monitoring

is turned on.

If yes, turn it off or change "When an application change is detected" to "Allow and log".

But you should only do that if you are sure that the alert was really a false positive.


In SEPM goto "Clients" and click on any of your groups. Then open the "Policies" tab. Click on the third option "Network Application Monitoring". You can switch it off or add an execption for NTOSKRNL.EXE.

Check these Threads, if these helps:

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

ᗺrian's picture

Setting up network application monitoring

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Marduk's picture

sorry. but all the information that you are providing. meeting on forums and firewall blacklist. I served as the firewall is down and the only thing I try to do is I do not see the message again