Event ID 5456 — IPsec Policy Agent Rule Processing

Updated: January 9, 2008

Applies To: Windows Server 2008

green

The IPsec Policy Agent service receives its rules from local security policy stored in the system registry, and from Group Policy delivered by Active Directory. After receiving new or modified policy settings, IPsec Policy Agent must process each new or modified rule to determine which network traffic to block, allow, or protect by using Internet Protocol security (IPsec). 

Note:   This service provides compatibility with Internet Protocol security (IPsec) policies used in earlier versions of Windows. New deployments of Windows Vista and Windows Server 2008 should not use the policies supported by the IPsec Policy Agent service since those policies support only a subset of the features supported by Windows Firewall with Advanced Security. Instead, new deployments should use policies created by using Windows Firewall with Advanced Security to take full advantage of the additional security and features.

When appropriate auditing events are enabled (http://go.microsoft.com/fwlink/?linkid=92666), Windows reports successes and failures, both in retrieving policy, and in processing the rules defined in the policy.

Event Details

Product: Windows Operating System
ID: 5456
Source: Microsoft-Windows-Security-Auditing
Version: 6.0
Symbolic Name: SE_AUDITID_ETW_POLICYAGENT_PASTORE_APPLIED_DS_POLICY
Message: PAStore Engine applied Active Directory storage IPsec policy on the computer.

Policy:%t%t%1

Resolve

This is a normal condition. No further action is required.

Related Management Information

IPsec Policy Agent Rule Processing

Windows Firewall with Advanced Security

Community Additions

ADD
Show: