Endpoint Protection

hi!

i need to know how to block some web pages with sepm 12.1.

i have ISA server 2004 but some users run the internet explorer/firefox with a user password that have acceses to facebook, (run as).

So i want to use the sempm 12.1 to block that.

Hello,

A Quick Note: It is important to have the Application and Device control and Firewall Installed on each Client machine. 

Here are few Articles for the same:

There are few Threads on the same issue as well, I would suggest a quick look into the same.

https://www-secure.symantec.com/connect/forums/custom-ips-signature-website-blocking

https://www-secure.symantec.com/connect/forums/how-block-access-specific-websites-both-url-and-ip-address

https://www-secure.symantec.com/connect/forums/website-blocking-custom-ips-signatures

Check this thread

https://www-secure.symantec.com/connect/forums/blocking-websites

Hi,

Check this video:

Allow and Block websites using Symantec Endpoint Protection Firewall

http://www.symantec.com/connect/videos/allow-and-block-websites-using-symantec-endpoint-protection-firewall 

Article: How firewall works

http://www.symantec.com/docs/HOWTO55054

thanks!
before i create the discussion i see this video and web pages

http://www.symantec.com/tv/community/details.jsp?vid=598138590001

http://www.symantec.com/business/support/index?page=content&id=TECH92405&actp=search&viewlocale=en_US&searchid=1323777286693

http://www.symantec.com/business/support/index?page=content&id=TECH92097&locale=en_US

and this one: http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/9c561a4628b3c9a44925747f007b19cd?OpenDocument  make a notification but doesn't work.

none of this worked.

It is very silly question to ask but at times we tend to look forget to look at small things, is NTP installed on the client?

ಠ_ಠ

of course

hi,

Please Check SEP Client Policy Serial no.same or not both side ?

Some proposals:

Delete IE and firefox; people could use different browsers (Chrome, Safari, Opera ...)

In the Host column, delete all source hosts (origen) because the rule shall apply to all of them anyway ("*.*").

Furthermore, as far as I know the DNS host entry in the Host column doesn't accept wildcards. Thus "*.*" and "*.hi5.com" don't work. However, DNS domain entries do accept wildcards, so take "*.hi5.com" as DNS domain. Change the facebook entry to "*.facebook.*" or "*.facebook*.*".

Good luck!

ok, let me work on it.

its a proxy related issue? i have no luck.

thanks for your help guys.

SEP is not proxy aware, you will need to modify your rules to include the port your traffic is going out through.

in this case 8080, nothing happen.

and the client is updating the policy.

Make a simplified test rule with these most important items:

Apply it to a test group and try if it works.

As another possibility (but not probable), you should check if your clients are in Server Control mode or at least in Mixed control (Clients > Group > Policies > Location.specific Settings > Client User Interface Control Settings). If the clients are in Client control mode, they alone are in charge of firewall rules and the SEPM rules are ignored.