Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 848 Source: Security

Source
Description
The following policy was active when the Windows Firewall started.

Group Policy applied: No
Profile used: Standard
Interface: All interfaces
Operational mode: On
Services:
     File and Printer Sharing: Enabled
     Remote Desktop: Disabled
     UPnP Framework: Disabled
Allow remote administration: Disabled
Allow unicast responses to multicast/broadcast traffic: Disabled
Security Logging:
     Log dropped packets: Disabled
     Log successful connections Disabled
ICMP:
     Allow incoming echo request: Enabled
     Allow incoming timestamp request: Disabled
     Allow incoming mask request: Disabled
     Allow incoming router request: Disabled
     Allow outgoing destination unreachable: Disabled
     Allow outgoing source quench: Disabled
     Allow outgoing parameter problem: Disabled
     Allow outgoing time exceeded: Disabled
     Allow redirect: Disabled
     Allow outgoing packet too big: Disabled

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Comments
 
This message is recorded by Windows XP SP2 at startup indicating the policy that will be used by the embedded firewall. The settings that will be used are displayed in the event description. The Windows Firewall can be configured using the Local Area Connection applet, Advanced tab.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...