Endpoint Protection Small Business Edition

 View Only

  • 1.  Firewall blocks Group Policy Modeling

    Posted Sep 12, 2016 05:31 PM

    I am using SEP SBE cloud version with a policy basically derived from the default plicy provided.  When I try to run a Group Policy Results Wizard from a domain controller (Windows server 2012) on a windows client (win 7 or 10), the SEP firewall blocks the Group Policy wizard from running.  On the client machine, the firewall traaffic log shows 'rule default block EPMAP' rejected TCP(6) traffic with ...  I tried to create a custom rule to allow TCP traffic to this specific client on port 135, but the default rule is overriding the custom rule I created.  HOW CAN I GET THE SEP FIREWALL TO ALLOW THIS GROUP POLICY TRAFFIC?  thanks for the help.



  • 2.  RE: Firewall blocks Group Policy Modeling

    Posted Sep 29, 2016 07:54 PM

    I'm having a similar issue and have yet to receive any useful assistance from Symantec Support.  We also use SEP SBE.

    It makes no difference whether I have Smart Firewal enabled or disabled, Group Policy updates fail with error 800706ba.

    With Smart Firewall enabled and a custom rule to allow all inbound and outbound traffic on all ports makes no different, GP updates fail.

    Whether Smart Firewall is enabled or disabled, I can manually enable or disable Windows Firewall rules.  So, I have done that on some test systems and GP update is then successful.  But of course I don't want to go to every single computer to make these configuration changes.  I want centralized administration, and clearly SEP is getting in the way of that.

    I also believe that I have discovered a flaw.  When a client system with SEP SBE restarts, it can take several minutes before SEP goes into Protected mode.  While it's still in Unknown mode I am able to manually turn off the Windows Firewall.  And even once SEP goes into Protected mode, the Windows Firewall remain off.  I have even restarted these test clients and WF stays off.  Perhaps that's by design, but it seems like a huge flaw to me, since it's a very clear way to defeat part of SEP's protection.



  • 3.  RE: Firewall blocks Group Policy Modeling

    Posted Oct 14, 2016 07:23 AM

    Hi Portnoy,

     

    Although I can't help with the issue at hand - from having supported the product previously, I can confirm that the SEP SBE client does actually disable the Windows Firewall and prevents you, or any other service, making any configuration changes to it.

    This is by design, you can read more about it here:

    http://www.symantec.com/business/support/index?page=content&id=TECH97986