#network-security

4 articles

Windows Events4

Network operations center displaying Windows NPS authentication monitoring dashboards and security event logs

Windows Event ID 6272 – Microsoft-Windows-Security-Auditing: Network Policy Server Granted Access

Event ID 6272 indicates that Network Policy Server (NPS) has granted network access to a user or device after successful authentication and authorization through RADIUS protocols.

March 1812 min

Windows security monitoring dashboard showing network firewall events and connection analysis

Event 5157

Microsoft-Windows-Security-Auditing

Windows EventInformation

Windows Event ID 5157 – Windows Filtering Platform: Network Connection Blocked by Firewall

Event ID 5157 indicates Windows Filtering Platform blocked a network connection attempt. This security audit event helps administrators track blocked network traffic and firewall rule effectiveness.

March 189 min

Windows security monitoring dashboard showing Event Viewer with network filtering logs and firewall activity

Event 5152

Microsoft-Windows-Security-Auditing

Windows EventInformation

Windows Event ID 5152 – Windows Filtering Platform: Network Packet Blocked by Firewall

Event ID 5152 indicates Windows Filtering Platform blocked a network packet. This security audit event helps track firewall activity and identify blocked connection attempts on Windows systems.

March 189 min

Windows security monitoring dashboard showing network filtering platform events and firewall status

Event 5024

Microsoft-Windows-FilteringPlatform-FilterEngine

Windows EventError

Windows Event ID 5024 – Windows Filtering Platform: Filter Engine Initialization Failed

Event ID 5024 indicates the Windows Filtering Platform (WFP) filter engine failed to initialize or encountered a critical error during startup, potentially affecting network security and firewall functionality.

March 1812 min