Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

firewall control with SEP 11.05 not working

Updated: 21 May 2010 | 2 comments
thumpertwin's picture
thumpertwin
0 0 Votes
Login to vote

I have had a thread going under Antivirus but hope to get some ansers on the this portal.

I have 3 groups created
I have 3 firwall policies created

Each group is assign their own policy
gorup 1 uses inherited standard out of Box policy no problems
 Group 2 uses not inherited assigned poicy 2
Group 3 uses not inherited assigned poicy 3

Edited non shared policy 2 + 3 to limited control of  internet acces to certain sites

When the group 2 + 3 clients get this policy the Firwall policy dissapears from the client.. Client can browse the net ,any site.

I followed instructions from tech articles in the KB of how to do it, but still missing something.

when I move the client back to group 1 the FW policy (standard) comes back.

I have considerd and tried in my non shared edited FW Policy to include the server, by IP by name etc and the sites I want to allow but still dissapears off client. when updated.

Has any one done  this and does it really work !!!

discussion Filed Under:
, , ,

Comments

Vikram Kumar-SAV to SEP's picture
26
Oct
2009
0 Votes 0
Login to vote
Vikram Kumar-SAV to SEP
Symantec Employee
Accredited

 1. Make Sure Group 2 and 3

 1. Make Sure Group 2 and 3 are not in Client Control mode ( they should be in Server Control)
2.Edit the policy make some changes ( eg .change the name of policy etc)
Assign the policy.

GO to the client first make sure Network Threat Protection is listed in SEP GUI and is ON
then in  SEP GUI- go to View Logs - Client Management -System Logs

right click on client and click update policy ..then check in the logs if you see new policy getting applied.It should take about 1 minute.

VMWARE-- SEP 12.1 vs McAfee vs Trend Micro

thumpertwin's picture
26
Oct
2009
0 Votes 0
Login to vote
thumpertwin

Yes group 2 + 3 are in Server

Yes group 2 + 3 are in Server control
Yes the FW policies do have different names

The problem is when I assign the policy it disspaers off the client.

so i went back, removed the 2 entries I made to to the policy assigned it Again  then they come back to the client when updated.
This is the part I  cannot fathom out why !!

the entries I add is domain host *.symantec.* (ie only allow symantec websites and set to allow
Then  another  host and make a *.* and set it to block
.
I ensure 1st entry is top of list and the next one below it

Weired and this as per KB article

Maybe they should be futher down or at the bottom.
.

No its not a Harley but starts every time and has never broken down

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,776