Does Endpoint Protection 2013 have central firewall logging?
Created: 04 Oct 2012 | Updated: 05 Oct 2012 | 4 comments
This issue has been solved. See solution.
We're looking at evaluating endpoint protection products and during our eval we have a need to put the firewall in logging mode and have it report back centrally to the admin interface so that we can see what has been blocked (incoming/outgoing) or allowed on certain machines.
It doesn't appear that MS FEP can do this (firewall logs seem to be stored locally on the machine).
Same thing with McAfee HIPS (firewall logs are located on the machine itself)
Anyone know if Symantec's product can log these back to the admin interface (in the database of course) so that you don't have to manually fetch them from each machine?
Discussion Filed Under:
Comments 4 Comments • Jump to latest comment
Check this URL nay be help..
you can found product releated document
http://www.symanteccloud.com/en/in/services/end_user_protection/endpoint_protection.aspx?inid=2012_sep_gbl_sep_sbe_2013_epsec
https://www-secure.symantec.com/connect/forums/announcing-symantec-endpoint-protection-small-business-edition-2013
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
the SEPM console manages the firewall rules for managed clients. The logging/block/allow (actions) can be set here.
Once the client gets the policy considering you have set the rules to log, during the client heartbeat the client upload it's logs which will have the logged details.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
hope this helps
Symantec Endpoint Protection Manager - Firewall - Policies explained
http://www.symantec.com/business/support/index?page=content&id=TECH181701
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Thanks Pete, that does appear to do what we would want it to do.
Would you like to reply?
Login or Register to post your comment.