asked on

group policy to disable the Windows notifications for the firewall?

A little background to my issue. During the installation of the Kaspersky, it disables all the windows firewall for all except the domain. I have remedied this by creating an offline policy in Kaspersky which enables the Kaspersky firewall when out of the office (ie not connected to the office network). The problem now is that users in the office now see a notification showing that the firewall is disabled even though it’s enabled in all scenarios. It’s just that work and home show as disabled when the clients are connected to the office LAN. I've looked into the notifications and you can disable the notifications for firewall on a client by client basis but i want a way to achieve this through group policy.

strivoli

Do you mean the notification inside Windows 7 Action Center?

hirenvmajithiya

In GPO, navigate to Computer Configuration > Administrative Templates > Windows Components > Security Center.
In that, you will find "Turn on Security Center (Domain PCs only)". Just double click it and say "Disable"

Hiren

resolver1

ASKER

yeah the messages pop up as part of the action centre. However, I don't want to disable the whole of the action centre, just firewall messages.

strivoli

I've ended my tests and searches for official white-papers. Please be patient. I'll report tomorrow morning (about 12 hours from now). Thank you.

hirenvmajithiya

If you don't want to disable whole action center, you can just disable firewall notification by pushing small registry setting using GPO Preferences.

HKLM,"System\CurrentControlSet\Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile","DisableNotifications",0x00010001,0

If you set the value of DisableNotifications to 1 means no notification for firewall.

Source : http://www.microsoft.com/windowsembedded/en-us/develop/windows-xp-embedded-firewall.aspx

Hiren

strivoli

Hiren, the source (and the solution) you specified relates to XP and the posted question relates to 7. The specified key exists on 7 but I suspect it is unused. If I set the DisableNotifications value to 1 in the StandardProfile (and I've done the same under DomainProfile and PublicProfile) I still have "Turn off messages about network firewall" available in the Action Center, even after rebooting. I'm afraid your solution does not work.

ASKER CERTIFIED SOLUTION

strivoli

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

resolver1

ASKER

its a tough one. Ive tried to use process monitor from sysinternals to track the registry changes but its like trying to find a needle in a heystack, i failed. your help is much appreciated.

strivoli

I wish to help with Process Monitor. After your capture is done:
a. Select "Show Registry activity",
b. Include the Explorer.EXE Process Name (in order to see only Explorer.EXE actions against the Registry),
c. Include the RegSetValue Operation (in order to see only the SET operations in the Registry).

Once you've applied these 3 filters your list should have only few rows. Remember to start capture a while before changing the setting in the Action Center and stop the capture immediately after. If you leave the capture running for a long time (tens of seconds) the filter operations and searches might require a long time.

resolver1

ASKER

I think ill go with option a strivoli. Thanks for all your hardwork, im very appreciative and the tips about process monitor will come in very handy. Thanks

resolver1

ASKER

Thanks

strivoli

Thank you for your feedback. If I did help, I kindly ask you to close the question. Have a nice day!

strivoli

Sorry, I wrote last post while you were closing the question. Thank you for closing it. Bye!