Video Screencast Help

How to disable the Firewall rules from client console.

Created: 20 Sep 2012 | 4 comments

Hi ,

From SEPM policy no option to disbale the configure Firewall rules from client side. Please find attached screen shot.

All options has been locked from SEPM for client side.

Comments 4 CommentsJump to latest comment

rs_cert's picture

Hope it help you.

  1. In the Symantec Endpoint Protection Manager (SEPM) console, under the Clients view, select the Group where you want to apply this policy.
  2. Select Policies tab on right side.
  3. Double-click the Firewall policy and select to Edit Shared when prompted.
  4. In the Firewall Policy window select Rules.
  5. Click the Add Blank Rule button. A blank rule is added to the list.

This create a rule allow all ( equivalent to as firewall off )


as you edit the firewall policy you will see a check box for"Enable this Rule" uncheck that and assign it to all groups.

Chetan Savade's picture

Hi San1985,

It depends upon how user control level is set on the SEP manager.

Rules are categorized as either server rules or client rules. Server rules are the rules that you create in Symantec Endpoint Protection Manager and that are downloaded to the Symantec Endpoint Protection client. Client rules are the rules that the user creates on the client.

Check following articles to know more details:

About firewall server rules and client rules

Changing the user control level

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

greg12's picture

If you want to enforce SEPM firewall rules, you have to switch to Server Control:

Clients > Group > Policies > Location-specific settings > Client User Interface Control Settings > Server Control

In Server Control mode, SEPM firewall rules will be enforced  on the clients. Users cannot create their own rules.

In Client Control mode, SEPM firewall rules will be ignored, only users can create rules.

In Mixed Control mode, rules on SEPM and clients will be, well, mixed. That's the order:

  1. SEPM rules above the blue line in the rules table
  2. Client rules
  3. SEPM rules below the blue line.

In most cases, Server Control is the way to go.