當偵測到不安全的設定時,此規則會產生警示
偵測出不安全的設定。
TMG Server 會用其本身的網路位址轉譯 (NAT) 機制來充分保護您系統的安全。 但是,TMG Server 偵測出作業系統的 NAT 驅動程式並未停用。 TMG Server 已停止並停用驅動程式 ('IpNat')。
確認已停用 NAT 驅動程式。
| Target | Microsoft.Forefront.TMG.Server |
| Category | EventCollection |
| Enabled | True |
| Alert Generate | False |
| Remotable | True |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| DS | DataSource | Microsoft.Forefront.TMG.Rule.AlertGenerate.DS | Default |
| WA | WriteAction | Microsoft.Forefront.TMG.Rule.AlertGenerate.WA | Default |
Home
CHT <Rule ID="Microsoft.Forefront.TMG.An_insecure_configuration_was_detected.Rule" Enabled="true" Target="Microsoft.Forefront.TMG.Server" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Microsoft.Forefront.TMG.Rule.AlertGenerate.DS">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<EventsPattern>^(14087)$</EventsPattern>
<EventType>1</EventType>
<SourcePattern>Microsoft Forefront TMG Control</SourcePattern>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="WA" TypeID="Microsoft.Forefront.TMG.Rule.AlertGenerate.WA">
<AlertMessageId>$MPElement[Name="Microsoft.Forefront.TMG.An_insecure_configuration_was_detected.AlertMessage"]$</AlertMessageId>
<DomainName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DomainDnsName$</DomainName>
<Priority>2</Priority>
<Severity>2</Severity>
</WriteAction>
</WriteActions>
</Rule>