With Symantec Endpoint Protection Network Threat Protection installed, Windows 7 and later indicates that the Windows Firewall is still on

Article:TECH123729  |  Created: 2010-01-07  |  Updated: 2013-12-20  |  Article URL http://www.symantec.com/docs/TECH123729
Article Type
Technical Solution


Issue



You install Symantec Endpoint Protection (SEP) with Network Threat Protection (NTP) on a computer that runs Windows 7 or later. When you open the Windows Firewall control panel, notice that it displays the following message: "These settings are being managed by vendor application Symantec Endpoint Protection." If you click Advanced Settings, the Windows firewall appears to be on. However, rules within the Windows firewall are not actually applied.

This behavior differs from Windows XP or Windows Server 2003, which displays the Windows Firewall as explicitly off.

 


Cause



The behavior of Windows 7 and later with regards to third-party firewalls like the Symantec Endpoint Protection firewall differs slightly to previous versions of Windows. As of Windows 7, Microsoft changed the Security Center to Action Center.  In the Action Center, a more universal interface was created for protection technologies, such as firewall and antivirus.

 


Solution



This is expected behavior, and both Symantec Endpoint Protection and the Windows Firewall are working as intended. For Windows 7 and later, installing Symantec Endpoint Protection with Network Threat Protection and enabling the firewall turns off the Windows Firewall. You can confirm this status in the Installed Firewall list, as well as in the General Firewall status section, which indicates that the firewall rules are being managed by Symantec Endpoint Protection.

To verify the true Windows Firewall status:

  1. Click Open Action Center > Security. Network Firewall displays a status of On.
  2. Click View installed firewall programs. Symantec Endpoint Protection displays a status of On. Windows Firewall displays a status of Off.

 
If both firewalls display a status of On, the Action Center shows the following warning: "Windows Firewall and Symantec Endpoint Protection both report that they are turned on. Note: Two or more firewalls running at the same time can cause conflicts with each other." 

Technical note: Only Symantec Endpoint Protection 12.1.x is supported on versions of Windows later than Windows 7.




Legacy ID



2010030706451148


Article URL http://www.symantec.com/docs/TECH123729


Terms of use for this information are found in Legal Notices