Home
  •  

BFE service availability

Network_Security_AvailabilityBFE (UnitMonitor)

This is a critical alarm generated because the Base Filtering Engine service (BFE) stopped responding. The BFE service manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Disabling the BFE service significantly reduces the security of the system and also results in unpredictable behavior in IPsec management and firewall applications. This alarm is cleared when the service is running again.

Knowledge Base article:

Summary

This is a critical alarm generated because the Base Filtering Engine service (BFE) stopped responding. The BFE service manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Disabling the BFE service significantly reduces the security of the system and also results in unpredictable behavior in IPsec management and firewall applications. This alarm is cleared when the service is running again.

Resolutions

The service will restart automatically, or it can be restarted manually.

Element properties:

TargetNetwork_Security_Class
Parent MonitorSystem.Health.AvailabilityState
CategoryAvailabilityHealth
EnabledTrue
Alert GenerateTrue
Alert SeverityError
Alert PriorityHigh
Alert Auto ResolveTrue
Monitor TypeMicrosoft.Windows.CheckNTServiceStateMonitorType
RemotableTrue
AccessibilityPublic
Alert Message
Network Security Availability BFE
See the alert context for details.
RunAsDefault

Source Code:

<UnitMonitor ID="Network_Security_AvailabilityBFE" Accessibility="Public" Enabled="true" Target="Network_Security_Class" ParentMonitorID="Health!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.CheckNTServiceStateMonitorType" ConfirmDelivery="false">

  <Category>AvailabilityHealth</Category>

  <AlertSettings AlertMessage="Network_Security_AvailabilityBFE_AlertMessageResourceID">

    <AlertOnState>Error</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>High</AlertPriority>

    <AlertSeverity>Error</AlertSeverity>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="Running" MonitorTypeStateID="Running" HealthState="Success"/>

    <OperationalState ID="NotRunning" MonitorTypeStateID="NotRunning" HealthState="Error"/>

  </OperationalStates>

  <Configuration>

    <ComputerName/>

    <ServiceName>BFE</ServiceName>

    <CheckStartupType/>

  </Configuration>

</UnitMonitor>