We have the checkpoint endpoint security client version E80.64 deployed on all of our windows machines.

We decided to enable the disable security policy(Done by editing the $FWDIR/conf/trac_client_1.ttm file on the firewall)  for the client so some of our developers could disable it when testing locally. The one thing we are trying to figure out right now is how to go about monitoring all the employees disabling their security policy.

One observation we realized is that the trac.default and trac.config files seems to remain unchanged when the security policy is disabled, we were wondering if there was any other place this setting would reside at so we could run a scheduled job on machines to look for this change.

Any help with this would be appreciated.