Endpoint Protection

 View Only

  • 1.  Do we completely Off the Firewall on Server and Clients in SEP Deployment?

    Posted Oct 23, 2014 07:39 AM

    hi

    Do we completely Off the Firewall on Server and Clients in SEP Deployment?

    using sep 12.1.5 

    server win 2008 r2

    clients win7 and linux machines

    do we completely off all firewalls of all servers and clients?

     

    if not then how to manage firewall on windows and clients



  • 2.  RE: Do we completely Off the Firewall on Server and Clients in SEP Deployment?

    Posted Oct 23, 2014 07:41 AM

    Windows firewall? Would only need to turn off just to deploy then re-enable...see here:

    http://www.symantec.com/docs/HOWTO80805

    Port 445, 139,135 need to be available for initial deployment/ Linux machines are NOT applicable here as they do not run the firewall nor can they be deployed from the SEPM.



  • 3.  RE: Do we completely Off the Firewall on Server and Clients in SEP Deployment?

    Posted Oct 23, 2014 07:44 AM

    you can keep them on , communication port 8014 should be open thats it 

    Steps to prepare computers to install Symantec Endpoint Protection 12.1.x client

    http://www.symantec.com/business/support/index?page=content&id=tech163112

    Which communication ports does Symantec Endpoint Protection use?

    http://www.symantec.com/business/support/index?page=content&id=TECH163787



  • 4.  RE: Do we completely Off the Firewall on Server and Clients in SEP Deployment?

    Posted Oct 23, 2014 07:46 AM
    Best Practices for using Windows Firewall with Symantec Endpoint Protection 12.1 Article:TECH196975|Created: 2012-09-20|Updated: 2012-09-20|Article URL http://www.symantec.com/docs/TECH196975


  • 5.  RE: Do we completely Off the Firewall on Server and Clients in SEP Deployment?

    Broadcom Employee
    Posted Oct 23, 2014 07:54 AM

    Hi,

    Thank you for posting in Symantec community.

    I would be glad to answer your query.

    First decide prior to deployment you want to use Windows Firewall or Symantec Firewall (NTP - Network Threat Protection)

    If you wish to deploy SEP firewall then SEP will automatically turn off the Windows firewall after successful SEP installation.

    As a best practice recommendation it is always advised to use only one software Firewall on a computer. Two software Firewalls running on a computer might drain resources and the both software Firewalls might have rules those might conflict with each other. Enabling more than one Firewall program is likely to result in conflicts and poor performance. 

    To prevent the above situation Symantec Endpoint Protection (SEP) installer automatically detects and disables Windows Firewall if enabled. Exception to this would be that if SEP is installed without Network Threat Protection (NTP) active Windows Firewall will not be disabled

    Refer this article: 

    Best Practices for using Windows Firewall with Symantec Endpoint Protection 12.1

    http://www.symantec.com/docs/TECH196975 

    If looking for best practice to deploy SEP client remotely check these articles:

    About client deployment methods

    http://www.symantec.com/docs/HOWTO81302

    Steps to prepare computers to install Symantec Endpoint Protection 12.1 client

    http://www.symantec.com/docs/TECH163112

    How to prepare computers for remote deployment

    http://www.symantec.com/docs/HOWTO16365

    Preparing Windows operating systems for remote deployment 

    http://www.symantec.com/docs/HOWTO81300

    Installing Symantec Endpoint Protection clients remotely

    http://www.symantec.com/docs/HOWTO59432