In the console, open a Firewall policy.
On the Firewall Policy page, click .
On the Rules tab, in the list, in the Enabled field, ensure that the box is checked to enable the rule; uncheck the box to disable the rule.
Symantec Endpoint Protection only processes the rules that you enable. All rules are enabled by default.
Double-click the Name field and type a unique name for the firewall rule.
Right-click the Action field and select the action that you want Symantec Endpoint Protection to take if the rule is triggered.
In the field, define an application.
See Defining information about applications.
In the Host field, specify a host trigger.
See Blocking traffic to or from a specific server.
In addition to specifying a host trigger, you can also specify the traffic that is allowed to access your local subnet.
See Allowing only specific traffic to the local subnet.
In the Service field, specify a network service trigger.
See Controlling whether networked computers can share messages, files, and printing.
In the Log field, specify when you want Symantec Endpoint Protection to send an email message to you when this firewall rule is violated.
See Setting up notifications for firewall rule violations.
Right-click the Severity field and select the severity level for the rule violation.
In the Adapter column, specify an adapter trigger for the rule.
See Controlling the traffic that passes through a network adapter.
In the Time column, specify the time periods in which this rule is active.
See Scheduling when a firewall rule is active.
Right-click the Screen Saver field and specify the state that the client computer's screen saver must be in for the rule to be active.
The Created At field is not editable. If the policy is shared, the term Shared appears. If the policy is not shared, the field shows the name of the group to which that the non-shared policy is assigned.
Right-click the field, click , type an optional description for the rule, and then click .
If you are done with the configuration of the rule, click .