IBM Support

On agent machine, nodes are still seen after disabling NetBIOS Neighborhood

Technote (troubleshooting)


After disabling NetBIOS Neighborhood' in Firewall settings, users can still see the agent nodes in their network.


Machines might still appear in network view even if the "Disable NetBIOS Neighborhood" function in the Firewall settings is selected. The reason is that multiple new network discovery methods were introduced in Windows 2008.


Windows Server 2008 and Windows Server 2008 R2

Diagnosing the problem

New network discovery methods were introduced in Windows 2008. It uses multiple mechanisms, such as NetBIOS, SSDP, and UPnP, to discover network nodes. To disable "NetBIOSNeighborhood," you simply added firewall inbound block rules for UDP port 137 and 138. This method cannot prevent the agent machines from being discovered given that multiple new methods have been introduced. Windows has provided a simple way to turn on/off network discovery. It is suggested that you configure network discovery from the Windows Control Panel instead of blocking additional network ports.

Resolving the problem

Network discovery can be turned off in Windows Control Panel.

If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.

Document information

More support for: IBM Security Host Protection

Software version: 2.2.2

Operating system(s): Windows

Software edition: All Editions

Reference #: 1608964

Modified date: 14 November 2012