Turn reporting of local changes on or off

Note: If you use role-based administration:

You must have the Policy setting - firewall right to configure a firewall policy.
You cannot edit a policy if it is applied outside your active sub-estate.

For more information, see Managing roles and sub-estates.

If the firewall configuration on endpoint computers differs from policy, you can turn reporting of local changes off.

Note: This option is not supported on Windows 8 and later.

Turning reporting of local changes off stops the firewall sending "differs from policy" alerts to Enterprise Console about changes made to the global rules, applications, processes, or checksums. You may want to do this, for example, when the endpoint computers are in interactive mode, since these are settings that can be changed by using the learning dialogs.

If the firewall configuration on endpoint computers is intended to conform to policy, you should turn reporting of local changes on.

To turn reporting of local changes off:

Double-click the firewall policy you want to change.
On the Welcome page of the Firewall Policy wizard, click Advanced firewall policy.
Under Configurations, click Configure next to the location for which you want to configure the firewall.
Click the General tab.
Under Reporting, do one of the following:
- To turn reporting of local changes on, select the Display an alert in the management console if local changes are made to the global rules, applications, processes or checksums check box.
- To turn reporting of local changes off, clear the Display an alert in the management console if local changes are made to the global rules, applications, processes or checksums check box.