Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Command line to uninstall the Firewall component - SEP 12

Created: 28 Oct 2012 • Updated: 29 Oct 2012 | 7 comments
ThaveshinP's picture
This issue has been solved. See solution.

What is the command line to modify and remove the firewall component/feature on  a SEP 12 client?

Comments 7 CommentsJump to latest comment

Chetan Savade's picture

Hi,

I am aware how to disable it through command prompt need to check more to know about uninstall.

To disable SEP client firewall service

smc -disable –ntp

To enable client firewall service

smc -enable -ntp

If the SEP client UI is password protected:

smc -disable -ntp -p <password>

I hope it's been informative.

How to uninstall Symantec Endpoint Protection (SEP) client silently using the command line

http://www.symantec.com/business/support/index?pag...

Check this article for more reference.

https://www-secure.symantec.com/connect/articles/sep-121-dos-commands

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

ThaveshinP's picture

I want to keep NTP - IPS , but just want to remove the firewall feature as the customer ses the Windows firewall. If I disable the symantec firewall from the client GUI - it shows up as an error and I dont want to SEP client to display an error -I have 35000 machines that I need to do this on. The install package had the SEP firewall enabled - that was a mistake - I need to remove the firewall component ONLY from NTP but keep IPS still active.

Mithun Sanghavi's picture

Hello,

Why not uninstall the Firewall Feature by deploying a new package via Auto-upgrade Feature from SEPM.

Check this Article:

How to add or remove features to existing Symantec Endpoint Protection (SEP) client installations

http://www.symantec.com/docs/TECH90936

Note: A Restart may be required for uninstalling NTP Firewall.

However, in reference to the MSI command line to the SEP 12.1, its in the documentation as mentioned by Paul here

https://www-secure.symantec.com/connect/forums/msi-command-line-reference-symantec-endpoint-protection-121#comment-5598271

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
pete_4u2002's picture

SEP 12 have the feature to work IPS without NTP. hence you can disable.

ThaveshinP's picture

What is the network impact of using the autoupgrade ?

1) Clients have same version- just feature removed

2) Clients have older version - upgrade of client

pete_4u2002's picture

the package sent to client is the impact.

ofcourse the module removal will lessen the security..

ThaveshinP's picture

I was thinking more along the lines of - does it send the entire package as a whole to the machine to be upgraded or does it break it up into smaller data packets and then putting it altogether to upgrade.