Disabling the Windows firewall

Article:HOWTO55336  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55336
Article Type
How To


Disabling the Windows firewall

You can specify the conditions in which Symantec Endpoint Protection disables the Windows firewall. When Symantec Endpoint Protection is uninstalled, Symantec Endpoint Protection restores the Windows firewall setting to the state it was in before Symantec Endpoint Protection was installed.


Symantec Endpoint Protection does not modify any existing Windows firewall policy rules or exclusions.

The actions that Symantec Endpoint Protection can take are as follows:

No Action

Does not change the current Windows firewall setting.

Disable Once Only

Disables the Windows firewall at startup the first time Symantec Endpoint Protection detects that Windows firewall is enabled. On subsequent start ups, Symantec Endpoint Protection does not disable Windows firewall.

This setting is the default.

Disable Always

Disables the Windows firewall at every startup and re-enables the Windows firewall if the Symantec Client Firewall is uninstalled.

Restore if Disabled

Enables the Windows firewall at startup.

Typically, a Windows user receives a notification when their computer restarts if the Windows firewall is disabled. Symantec Endpoint Protection disables this notification by default so that it does not alarm your users when the Windows firewall is disabled. But you can enable the notification, if desired.

To disable the Windows firewall

  1. In the console, click Policies.

  2. Under Policies, click Firewall.

  3. Do one of the following tasks:

    • Create a new firewall policy.

    • In the Firewall Policies list, double-click on the firewall policy that you want to modify.

  4. Under Firewall Policy, click Windows Integration.

  5. In the Disable Windows Firewall drop-down list, specify when you want the Windows firewall disabled.

    The default setting is Disable Once Only.

  6. In the Windows Firewall Disabled Message drop-down list, specify whether you want to disable the Windows message on startup to indicate that the firewall is disabled.

    The default setting is Disable, which means the user does not receive a message upon a computer startup that the Windows firewall is disabled.

  7. Click OK.

See Creating a firewall policy

See The types of security policies.

Legacy ID


Article URL http://www.symantec.com/docs/HOWTO55336

Terms of use for this information are found in Legal Notices