Endpoint Protection

  • 1.  Host Integrity Checking Firewall Policy Locking to LiveUpdate Port 7070

    Posted Apr 03, 2013 11:30 AM

    We have a requirement to implement a host integrity check on our SEP clients to ensure they are up to date. I have managed to get everything working except the firewall policy, which I am trying to lock to only port 7070 (LiveUpdate) within the Quarantine area. Has anyone done this sort of thing and can advise me what I need to do or provide an example policy? The firewall policy is not the easiest thing to get working and seems to currently be getting ignored!!

    This policy may be extended to check for security patches that have been applied to clients and therefore lock down to an enterprise management solution's ports, but I'm guessing if I can get the first part working I'll be able to get the second part done fairly easily!!

    Thanks as always



  • 2.  RE: Host Integrity Checking Firewall Policy Locking to LiveUpdate Port 7070

    Posted Apr 19, 2013 09:03 AM

    Hello,

    Please have a look at the firewall policy documentation:
    http://www.symantec.com/business/support/index?page=content&id=TECH104433

    Of course, ensure the Network Threat Protection (firewall and IPS) is installed and active on the clients.



  • 3.  RE: Host Integrity Checking Firewall Policy Locking to LiveUpdate Port 7070

    Posted Apr 19, 2013 09:27 AM

    Can you clarify the issue please?

    Is it that the client is not switching to the Quarantine Policies, or that the quarantine policies are not behaving as intended? If it's the latter, can you advise if this is incorrectly blocking everything, or allowing everything?

    Many thanks!