Video Screencast Help

How to add more than two Location based settings firewall policy to the newly created group ?

Created: 05 Feb 2013 • Updated: 06 Feb 2013 | 8 comments
This issue has been solved. See solution.

Hi,

I have created the new Group in my SEPM to contains new workstation as per below screenshot:

somehow I cannot make it so that it behaves like the existing old group like in the following screenshot:

Can anyone please assist me in how to do it ?

Thanks !

Comments 8 CommentsJump to latest comment

John Santana's picture

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

John Santana's picture

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

_Brian's picture

Use location awareness

Add another location, than you can assign a different policy for the new location. Just click on "Add Location" to add another.

Best Practices for Symantec Endpoint Protection Location Awareness

Article:TECH98211  |  Created: 2009-01-20  |  Updated: 2012-06-07  |  Article URL http://www.symantec.com/docs/TECH98211

 

Enabling location awareness for a client

Article:HOWTO81170  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81170

 

Adding a location to a group

Article:HOWTO81205  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81205

 

More about Location Awareness in Symantec Endpoint Protection (SEP)

Article:TECH97369  |  Created: 2009-01-11  |  Updated: 2013-01-21  |  Article URL http://www.symantec.com/docs/TECH97369

 

pete_4u2002's picture

refer the above articles. I can see two locations "Unknown" & "Secure INternal Network". The firewall is assigned to this group. Only one policy can be applied to a group location.

MASH1's picture

 

Hi John,

 

How to add more than two Location based settings firewall policy to the newly created group ?

1) First create a new location.

Clients Tab--> click on policies on right pane--> click on "Add Location" and follow the wizard.

2) Once the location is added go to Policies tab which is below reports tab on the left side.

3) When you apply a policy just right click and you will be able to find all the groups and all the locations inside the group. You can select it location wise .

 

- MASH

 

- MASH

SOLUTION
Rafeeq's picture

When you create a new group it will have just one Policy, You need to create a location based policy as Mash said.

Once its created you can see them on the right hand side.

 

Mithun Sanghavi's picture

Hello,

Is this Thread related to the new Thread created by you ??

https://www-secure.symantec.com/connect/forums/how-add-more-two-location-based-settings-firewall-policy-newly-created-group

Looks similar..!!

 

About working with Firewall Policies

The Symantec Endpoint Protection Manager includes a default Firewall Policy with firewall rules and firewall settings for the office environment.  The office environment is normally under the protection of corporate firewalls, boundary packet filters, or antivirus servers.  Therefore, it is normally more secure than most home environments, where limited boundary protection is available.

When the console is installed for the first time, it adds a default Firewall Policy to each group automatically. Every time a new location is added, the console copies a Firewall Policy to the default location automatically.

If the default protection is not appropriate, it can be customized using the Firewall Policy for each location, such as for a home site or customer site. If the default Firewall Policy is not what is needed, it can be edited or replaced with another shared policy.

Firewall Policies include the following elements:

Firewall rules Firewall rules are policy components that control how the firewall protects computers from malicious incoming traffic and applications. The firewall automatically checks all incoming and outgoing packets against these rules, and allows or blocks the packets based on information specified in rules.
Smart traffic filters Allows the specific types of traffic that are required on most networks such as DHCP, DNS, and WINS traffic.
Traffic and stealth settings Detects and blocks traffic that comes from certain drivers, protocols, and other sources.
Peer-to-peer authentication settings Blocks a remote computer from connecting to a client computer until the client computer has authenticated that remote computer.

A location can be set to client control or mixed control so that the user can customize the Firewall Policy.

See Configuring Network Threat Protection settings for mixed control.

Firewall Policies can be edited or created similarly to the way other types of policies can be edited or created.  Firewall Policies can be assigned, withdrawn, replaced, copied, exported, imported, or deleted.

Typically  a policy can be assigned to multiple groups in the security network.  Create a non-shared, location-specific policy if there are specific requirements for a particular location.

 

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

John Santana's picture

Many thanks for the assistance people !

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.