AnsweredAssumed Answered

Monitoring clients with disabled security policy.

Question asked by Nandhu Rajendran on Nov 30, 2017
Latest reply on Dec 1, 2017 by Dameon Welch Abernathy

We have the checkpoint endpoint security client version E80.64 deployed on all of our windows machines.

 

We decided to enable the disable security policy(Done by editing the $FWDIR/conf/trac_client_1.ttm file on the firewall)  for the client so some of our developers could disable it when testing locally. The one thing we are trying to figure out right now is how to go about monitoring all the employees disabling their security policy.

 

One observation we realized is that the trac.default and trac.config files seems to remain unchanged when the security policy is disabled, we were wondering if there was any other place this setting would reside at so we could run a scheduled job on machines to look for this change.

 

Any help with this would be appreciated.

Outcomes