Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Confusing firewall rule

Created: 12 Aug 2014 | 4 comments

Hello I wonder if someone could explain the 25th firewall rule that is default in SEP.

It seems to state Allow all Applications / ANY one/ Any where and ANY connection. This kinda says to me that just opened the entire system and there is no point having the firewall.

Could someone shed some light on this rule????

Operating Systems:

Comments 4 CommentsJump to latest comment

.Brian's picture

Exactly what it means :) Unless of course one of the 24 above it are triggered first that stop an app.

It's just the default policy so you may need to tweak to fit your environment.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

GotoGuy's picture

Ahh becuase they are all in order so would block or carry out rules in order and if we dont block any or allow before that then all are sent through.

I think I get it now.

.Brian's picture

Correct. Works from top down

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Rafeeq's picture

Its the top down approach.. When a packet want to cross a network sep will check all rules one by one .. If there is a match it will be allowed or denied .. If no match found then its last rule