Disabling the Windows firewall
You can specify the conditions in which Symantec Endpoint Protection disables the Windows firewall. When Symantec Endpoint Protection is uninstalled, Symantec Endpoint Protection restores the Windows firewall setting to the state it was in before Symantec Endpoint Protection was installed.
Symantec Endpoint Protection does not modify any existing Windows firewall policy rules or exclusions.
The actions that Symantec Endpoint Protection can take are as follows:
Does not change the current Windows firewall setting.
Disable Once Only
Disables the Windows firewall at startup the first time Symantec Endpoint Protection detects that Windows firewall is enabled. On subsequent start ups, Symantec Endpoint Protection does not disable Windows firewall.
This setting is the default.
Disables the Windows firewall at every startup and re-enables the Windows firewall if the Symantec Client Firewall is uninstalled.
Restore if Disabled
Enables the Windows firewall at startup.
Typically, a Windows user receives a notification when their computer restarts if the Windows firewall is disabled. Symantec Endpoint Protection disables this notification by default so that it does not alarm your users when the Windows firewall is disabled. But you can enable the notification, if desired.
To disable the Windows firewall
In the console, click .
Under Policies, click .
Do one of the following tasks:
Create a new firewall policy.
In the list, double-click on the firewall policy that you want to modify.
Under Firewall Policy, click .
In the drop-down list, specify when you want the Windows firewall disabled.
The default setting is Disable Once Only.
In the drop-down list, specify whether you want to disable the Windows message on startup to indicate that the firewall is disabled.
The default setting is Disable, which means the user does not receive a message upon a computer startup that the Windows firewall is disabled.
See Creating a firewall policy
See The types of security policies.