Endpoint Protection

Hi I would like to find out if its possible to do this as I understand that the firewall will be turned on for USB blocking to be enabled too. Need to do this as my organization already have GPOs applied to the local machine firewall settings and I do not wish to chage this if possible. Kindly advise.

Thanks

You need the firewall enabled for application device control to work.

So what you can do install NTP ( Firewall) and create a blank rule to allow all and keep this rule on the top. So  you will have SEP firewall , but it will not block anyting.

Application and device control feature (This is the feature we will use for blocking USB)  is dependent on Network threat protection (firewall is a component of this feature).So without SEP firewall we cannot use this feature ,but we can remove all rules of this firewall so that we can make this firewall as good as off.Have a look at this KB
About Windows Firewall and Symantec Endpoint Protection's NTP

Do not remove SEP Firewall..
Add a rule to Allow all in the firewall so it will be full open..
then you can use your Windows Firewall and Device control.

Hello,

You may just withdraw the firewall and intrusion prevention policy from the necessary groups.
This will turn off the drivers which are monitoring the network connections.

As for the windows security center, you may check this out:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007090321550048

Noted. I will try this as it is closer to the solution that I am looking for.

You can withdraw firewall policy, but leave NTP on, once you apply ADC policy on the client, you will need to reboot the system to turn on sysplant driver.