- Group Policy Applied: should indicate whether Windows Firewall was getting its settings from Group Policy or the system's local policy but this appears to always say "No"
- Profile Used: "Public" or "Domain". Windows Firewall seems to always start in Public and then switch to Domain shortly after if appropriate.
- Operational mode: Whether Windows Firewall was enabled or not. Should usually say "On"
- Allow Remote Administration: Disabled/Enabled
- Allow Unicast Responses to Multicast/Broadcast Traffic: Enabled/Disabled
The logging referred to here has nothing to do with the Security event log; instead it's referring to the C:\Windows\system32\LogFiles\Firewall\pfirewall.log log.
These fields corresponds to the check box in the Customize Loggin Settings for the Public/Domain Profile dialog in Windows Firewall with Advanced Security MMC console.
- Log Dropped Packets: Disabled/Enabled
- Log Successful Connections: Disabled/Enabled