Event ID 615 – IPSec PolicyAgent Service
Event ID | 615 |
Category | Policy Change |
Type | Success Audit |
This event too varies depending on the OS. Event 615 is logged for general purpose events which pertain to the IPSec Policy Agent. While intially known as IPSec Policy Agent, from Windows Server 2003 onwards, it is referred to as IPSec Services.
This log data provides the following information:
- Date
- Time
- User
- Computer
- IPSec Services
Why does event ID 615 need to be monitored?
As IPSec supports network-level peer authentication, data confidentiality, data integrity and replay protection, it is prudent to monitor all event which concern Internet Protocol Security.
Pro Tip:
ADAudit Plus helps you avoid the GPOs monitoring complexities with real-time pre-configured reports and auditing of the changes along with alerts within a Domain & OU. The advanced Group Policy settings real-time audit reports highlight the elusive change details, and also provide the old and new values of the modified attributes.
Event 615 applies to the following operating systems:
- Windows Server 2000
- Windows 2003 and XP
Corresponding event ID in Windows 2008 and Windows Vista is 4709.
Explore Active Directory auditing and reporting with ADAudit Plus.
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools