Adding port exceptions to Windows Internet Connection Firewall for Symantec AntiVirus Corporate Edition

Article:TECH100781  |  Created: 2004-01-06  |  Updated: 2007-01-20  |  Article URL
Article Type
Technical Solution




You installed or plan to install Windows XP Service Pack 2 (SP2), which enables Windows Internet Connection Firewall (ICF). Alternatively, you use Windows 2003 or another version of Windows XP in your network with ICF enabled. You want to add port exceptions to allow Symantec AntiVirus components to communicate.


If you have already installed SP2, you can create exceptions manually. If you have not yet installed SP2, you can create a package to install SP2 with the exceptions already in place.

To create exceptions manually after SP2 is installed
  1. Right-click My Network Places, and then click Properties.
  2. Right-click Local Area Connection, and then click Properties.
  3. On the Advanced tab, under Windows Firewall, click Setting.
  4. On the Exceptions tab, click Add Port.
  5. Type the name of the port and the port number.
    For a list of ports that are used by Symantec AntiVirus, see the References section at the end of this document.
  6. Click Change Scope, and select the scope to which you want the change to apply.

To deploy Service Pack 2 with exceptions in place
Read the following article from the Microsoft Knowledge Base to create a Windows XP SP2 package with exceptions preconfigured: Using the Windows Firewall INF File in Microsoft Windows XP Service Pack 2.

Information on which ports to except
For information about topics related to Windows XP Service Pack 2, see the article Documents relating to Symantec Client Security and Windows XP Service Pack 2.

Technical Information
Windows XP Service Pack 2 enables Windows Firewall by default.

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices