Advanced Settings for Windows 7 Firewall indicate that it is on, even when Symantec Endpoint Protection (SEP) Network Threat Protection (NTP) is installed.
|Article:TECH123729|||||Created: 2010-01-07|||||Updated: 2012-03-30|||||Article URL http://www.symantec.com/docs/TECH123729|
You install Symantec Endpoint Protection 11.x or 12.1.x with Network Threat Protection on a Windows 7 machine. You notice that on the Advanced Settings screen of the Windows Firewall Control Panel, it indicates that the Windows Firewall is "On" even though SEP is managing these settings.
If you go to the Windows Control Panel->Windows firewall, you will notice that it displays, "These settings are being managed by vendor application Symantec Endpoint Protection." If "Advanced Settings" is selected, there will be an indication that Windows firewall is "on." However, rules within the Windows firewall are not actually applied.
This will look similar to the following screenshot:
This behavior differs from that in Windows XP, as in XP the Windows firewall is explicitly off.
The behavior of Windows 7 with regards to third party firewalls (such as SEP's NTP) differs slightly than previous versions of Windows. In Windows 7, Microsoft changed Security Center to Action Center. In Action Center, a more universal interface was created for protection technology (Firewall, Antivirus, etc).
This is expected behavior, and both SEP 11.0 and the Windows 7 firewall are working as intended. Windows Firewall is indeed turned off when SEP NTP is enabled, indicated by the Installed Firewall list, as well as the General Firewall status section indicating that firewall rules are being managed by SEP.
To verify the true Windows Firewall status: Open Action Center -> Expand "Security". Find line item "Network Firewall On". Below is a link "View installed firewall programs": Symantec Endpoint Protection is listed as installed and On, Windows firewall is listed as installed and Off.
Article URL http://www.symantec.com/docs/TECH123729