Endpoint Protection

 View Only

  • 1.  Firewall blocking at windows startup

    Posted Mar 23, 2010 12:37 PM

    Hi

    Iam trying to setup up the endpoint firewall to allow domain traffic but block everything else.

    I have locked down the policy enough to allow traffic from my domain controllers but block all other traffic.

    But i've hit a snag, as the firewall policy doesn't kick in quickly enough when windows boots its seems to block all traffic before it loads itself hence I start off with no network drives etc if i log off and on again all is ok and the firewall functions correctly.

    Any ideas ?



  • 2.  RE: Firewall blocking at windows startup

    Posted Mar 23, 2010 12:56 PM
    configure this policy to allow all windows services

    Client computers are unable to receive addresses through DHCP after installing Symantec Endpoint Protection


    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007101210172548

    o    pen sepm
    policies
    antivirus and antispyware
    file system autoprotect
    check load autoprotect when endpoint protection starts, check the difference now


  • 3.  RE: Firewall blocking at windows startup

    Posted Mar 23, 2010 04:17 PM
    I don't think Auto-Protect set to start when SEP starts instead of when the computer starts will have any effect on network traffic or the firewall.

    What do the firewall logs say on an affected machine?

    sandra


  • 4.  RE: Firewall blocking at windows startup

    Posted Mar 24, 2010 05:11 AM
    I don't have a problem getting dhcp etc, the problem is the firewall blocks everything as windows is starting as it seems SEP firewall blocks all things before it loads the correct policies. ie the firewall is starting before the machine knows what domain its on ?

    The logs say the services are blocked by the block all other traffic rule, which is fine but i want the firewall to use the correct policies straight away.


  • 5.  RE: Firewall blocking at windows startup

    Posted Mar 24, 2010 07:37 AM
    Do you set the client user interface control as client control(In the console Clients--->The group which client resides--->policies--->location specific policies)?
    If yes
    In the client GUI---->Change settings--->Network threat protection--->configure settings--->firewall uncheck "block all traffic until firewall starts and after the firewall stops".Also under unmatched IP traffic settings select"allow IP traffic".


  • 6.  RE: Firewall blocking at windows startup

    Posted Mar 24, 2010 07:54 AM
    No im using server control, is there another way around what you've suggested ?


  • 7.  RE: Firewall blocking at windows startup

    Posted Mar 24, 2010 08:06 AM
    In server control --->customize under unmatched IP traffic settings select"allow IP traffic" and see any difference is present....


  • 8.  RE: Firewall blocking at windows startup

    Posted Mar 24, 2010 08:20 AM
    allow ip traffic is already ticked


  • 9.  RE: Firewall blocking at windows startup

    Posted Aug 02, 2010 02:31 AM
    Hi
    Just wondering if this was ever resolved?
    We are also having this exact problem.

    Thanks
    DM


  • 10.  RE: Firewall blocking at windows startup

    Posted Aug 02, 2010 04:01 AM
    Have you tried the suggestions posted above? If yes, I suggest you create a new thread to get the proper attention. smiley