In this blog post, I am going to explain why the Windows Firewall warning message is a problem. I am working with a client installing a new System Center 2012 Configuration Manager (CM12) environment.
This client has two corporate policies in place:
- Their system status needs to be “Green” (healthy) all the time.
- The Windows Firewall must be disabled on all servers.
Everyone strives to have a healthy (all green status indicators) CM12 environment and this is completely possible. However, if Windows Firewall is turned off you will get the following warning message every hour:
SMS_HIERARCHY_MANAGER reports (Message ID=3353): “Hierarchy Monitoring detected that the ConfigMgr SQL Server <fqdn> ports 1433, 4022, are not active on Firewall exception.”
Besides being incredibly annoying, your component status will immediately be placed in a warning state. How do you solve this problem? You don’t because currently there is no solution. Since there is no solution, I ended up creating a Connect feedback item to suggest to the SCCM team that they create a registry key in order to turn off this warning message. This registry key would prevent your CM12 site from going into a perpetual warning state. If you have experienced a similar situation, make sure to you vote up this Connect item!
If you get a Page Not Found error message when clicking on the link above, see my blog post on how to solve this issue.
Do you have questions or comments about the Windows Firewall warning message? Please feel free to leave a note in the comment section below.