Skip to main content


How do I disable the "Filtering Platform Connection" audit Policy?

The Windows Filtering Platform Connection success auditing creates a new security log entry each time the Penetration Patrol Agent makes a local connection. This in turn generates a Penetration Patrol alert. This results in an inordinate volume of logs local to the server and alerts on our Penetration Patrol host and as a result, we do not allow hosts with this option enabled to continue reporting to our host server.

Disabling this option can be done by opening a Command Propt with Administrator privileges and running the below command.

Last updated 10 December 2015, 16:00 GMT