On agent machine, nodes are still seen after disabling NetBIOS Neighborhood
After disabling NetBIOS Neighborhood' in Firewall settings, users can still see the agent nodes in their network.
Machines might still appear in network view even if the "Disable NetBIOS Neighborhood" function in the Firewall settings is selected. The reason is that multiple new network discovery methods were introduced in Windows 2008.
Windows Server 2008 and Windows Server 2008 R2
Diagnosing the problem
New network discovery methods were introduced in Windows 2008. It uses multiple mechanisms, such as NetBIOS, SSDP, and UPnP, to discover network nodes. To disable "NetBIOSNeighborhood," you simply added firewall inbound block rules for UDP port 137 and 138. This method cannot prevent the agent machines from being discovered given that multiple new methods have been introduced. Windows has provided a simple way to turn on/off network discovery. It is suggested that you configure network discovery from the Windows Control Panel instead of blocking additional network ports.
Resolving the problem
Network discovery can be turned off in Windows Control Panel.
If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.
More support for:
IBM Security Host Protection
Software version: 2.2.2
Operating system(s): Windows
Software edition: All Editions
Reference #: 1608964
Modified date: 14 November 2012