Problem: How can I tell if someone has modified a server’s firewall from the command line?
Create a Special Events Policy to detect firewall changes, and apply it to the appropriate group of servers.
Identify who should receive these alerts:
Edit the server group’s details and assign the alert profile:
That’s it! When firewall rule changes are detected you’ll receive an email notification:
You can then login to your Halo account, see the changes that were made in your alerts summary, and even re-apply the original firewall policy if desired.