Cool Halo Trick #3: Detecting Firewall Changes

Problem: How can I tell if someone has modified a server’s firewall from the command line?

First, implement a firewall policy using Halo.

Create a Special Events Policy to detect firewall changes, and apply it to the appropriate group of servers.

Identify who should receive these alerts:

Edit the server group’s details and assign the alert profile:

That’s it! When firewall rule changes are detected you’ll receive an email notification:

You can then login to your Halo account, see the changes that were made in your alerts summary, and even re-apply the original firewall policy if desired.

Stay up to date

Get the latest news and tips on protecting critical business assets.

Related Posts