Unable to install SEP on Windows 7 machine as the Base Filtering Engine Service is not started
|Article:TECH178173|||||Created: 2012-01-03|||||Updated: 2012-11-26|||||Article URL http://www.symantec.com/docs/TECH178173|
Unable to install SEP on Windows 7 bit machine as the Base Filtering Engine Service is not started.
The Base Filtering Engine services is stopped or disabled.
This issue is known to affect both Windows Vista and Windows 7, 32bit and 64bit OSes.
It may also affect Windows 2008, 8 and 2012.
As of SEP 12.1 RU1, a detection was implemented in the install process which will prohibit installation if the Base Filtering Engine service is stopped.
The Base Filtering Engine (BFE) is a Microsoft service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications. Symantec Endpoint Protection is designed to manage the Windows Firewall service and utilize the Base Filtering Engine service. Manually disabling these services is not necessary or recommended.
Intrusion Prevention in Symantec Endpoint Protection requires the Base Filtering Engine to be running. If the Base Filtering Engine is stopped, Intrusion Prevention cannot make detections.
Access the Services.msc console and re-enable the BFE service, then reattempt installation.
If you cannot re-enable the BFE service this way, please refer to the Microsoft community document on correcting BFE registration and permissions, included below.
eTrack ticket describing that install detection was implemented in 12.1 RU1
Article URL http://www.symantec.com/docs/TECH178173