FwpmEngineOpen, returning error code 0xc0020036

So recently we released a driver that makes heavy use of WFP, and now the bugs are rolling in and we see a huge spike of FwpmEngineOpen failing with NTSTATUS of 0xc0020036. We have no repro case, and no idea where to even start looking for it. So we call on the good people of OSR, maybe someone has some ideas :dizzy: ?

This appears to be EPT_NT_NOT_REGISTERED. What is the state of the BFE on these machines?

We have no idea. Supposedly this happens at boot, and the driver is in the “NetworkProvider” group; apparently the other service that runs in that group can access the BFE at that point.

Are you using FwpmBfeStateSubscribeChanges to detect when the BFE is online?

No, we weren’t; working on implementing that right now.
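
The pattern suggested in the thread, as an added example that is not code from any of the posters: subscribe to BFE state changes and call FwpmEngineOpen0 only once the state is FWPM_SERVICE_RUNNING. `g_engine`, `g_bfeSub`, `OpenEngineIfReady`, `BfeStateChanged` and `StartWfp` are hypothetical names, and the `#else` branch is a constructed stand-in for the BFE so the gating logic can be exercised outside a driver build.

```c
/* Added example, not from the thread. Driver build (assumes /kernel, which defines
 * _KERNEL_MODE, and the NDIS version macros); #else is a constructed BFE stand-in. */
#ifdef _KERNEL_MODE
#include <ntddk.h>
#include <fwpmk.h>
#else
#include <stddef.h>
#define NTAPI
#define NT_SUCCESS(s) ((s) >= 0)
#define STATUS_SUCCESS 0
#define RPC_C_AUTHN_WINNT 10
typedef int NTSTATUS; typedef void *HANDLE;
typedef enum { FWPM_SERVICE_STOPPED, FWPM_SERVICE_START_PENDING,
               FWPM_SERVICE_STOP_PENDING, FWPM_SERVICE_RUNNING } FWPM_SERVICE_STATE;
typedef void (*FWPM_SERVICE_STATE_CHANGE_CALLBACK0)(void *, FWPM_SERVICE_STATE);
static FWPM_SERVICE_STATE sim_state;  /* simulated BFE state */
static FWPM_SERVICE_STATE FwpmBfeStateGet0(void) { return sim_state; }
static NTSTATUS FwpmBfeStateSubscribeChanges0(void *dev,
    FWPM_SERVICE_STATE_CHANGE_CALLBACK0 cb, void *ctx, HANDLE *h)
{ (void)dev; (void)cb; (void)ctx; *h = &sim_state; return STATUS_SUCCESS; }
static NTSTATUS FwpmEngineOpen0(const void *srv, unsigned authn, void *id,
    const void *sess, HANDLE *h)
{ (void)srv; (void)authn; (void)id; (void)sess;
  if (sim_state != FWPM_SERVICE_RUNNING) return (NTSTATUS)0xC0020036; /* as in the thread */
  *h = &sim_state; return STATUS_SUCCESS; }
#endif
static HANDLE g_engine, g_bfeSub;  /* hypothetical driver globals */

/* Open the engine only once BFE is running. Production code must serialize
 * this between the init path and the callback. */
static NTSTATUS OpenEngineIfReady(void)
{
    if (g_engine != NULL || FwpmBfeStateGet0() != FWPM_SERVICE_RUNNING)
        return STATUS_SUCCESS;  /* already open, or wait for the callback */
    return FwpmEngineOpen0(NULL, RPC_C_AUTHN_WINNT, NULL, NULL, &g_engine);
}
static void NTAPI BfeStateChanged(void *context, FWPM_SERVICE_STATE newState)
{
    (void)context;
    if (newState == FWPM_SERVICE_RUNNING) (void)OpenEngineIfReady();
}

/* Subscribe first, then check the current state, so a transition that
 * happens between the two calls is not missed. */
static NTSTATUS StartWfp(void *deviceObject)
{
    NTSTATUS st = FwpmBfeStateSubscribeChanges0(deviceObject, BfeStateChanged, NULL, &g_bfeSub);
    return NT_SUCCESS(st) ? OpenEngineIfReady() : st;
}
```

On unload, release the subscription with FwpmBfeStateUnsubscribeChanges0 and close the engine handle with FwpmEngineClose0.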