Endpoint Protection

 View Only

  • 1.  How to disable the Firewall rules from client console.

    Posted Sep 20, 2012 07:40 AM
      |   view attached

    Hi ,

    From SEPM policy no option to disbale the configure Firewall rules from client side. Please find attached screen shot.

    All options has been locked from SEPM for client side.

     

     



  • 2.  RE: How to disable the Firewall rules from client console.

    Broadcom Employee
    Posted Sep 20, 2012 07:59 AM

    Hi San1985,

    It depends upon how user control level is set on the SEP manager.

    Rules are categorized as either server rules or client rules. Server rules are the rules that you create in Symantec Endpoint Protection Manager and that are downloaded to the Symantec Endpoint Protection client. Client rules are the rules that the user creates on the client.

    Check following articles to know more details:

    About firewall server rules and client rules

    http://www.symantec.com/docs/HOWTO55484

    Changing the user control level

    http://www.symantec.com/docs/HOWTO55475

     



  • 3.  RE: How to disable the Firewall rules from client console.

    Posted Sep 20, 2012 08:32 AM

    If you want to enforce SEPM firewall rules, you have to switch to Server Control:

    Clients > Group > Policies > Location-specific settings > Client User Interface Control Settings > Server Control

    In Server Control mode, SEPM firewall rules will be enforced  on the clients. Users cannot create their own rules.

    In Client Control mode, SEPM firewall rules will be ignored, only users can create rules.

    In Mixed Control mode, rules on SEPM and clients will be, well, mixed. That's the order:

    1. SEPM rules above the blue line in the rules table
    2. Client rules
    3. SEPM rules below the blue line.


    In most cases, Server Control is the way to go.



  • 4.  RE: How to disable the Firewall rules from client console.

    Posted Sep 20, 2012 08:43 AM

    Check this thread it may be help

    http://www.symantec.com/connect/forums/sep-ru5-disable-firewall-policy-even-if-firewall-feature-installed-client

    Edit..

    You can change this setting after you can able all locked setting modify

    https://www-secure.symantec.com/connect/forums/clear-log-button



  • 5.  RE: How to disable the Firewall rules from client console.

    Posted Sep 23, 2012 12:15 PM

    Hope it help you.

    1. In the Symantec Endpoint Protection Manager (SEPM) console, under the Clients view, select the Group where you want to apply this policy.
    2. Select Policies tab on right side.
    3. Double-click the Firewall policy and select to Edit Shared when prompted.
    4. In the Firewall Policy window select Rules.
    5. Click the Add Blank Rule button. A blank rule is added to the list.

    This create a rule allow all ( equivalent to as firewall off )

    OR

    as you edit the firewall policy you will see a check box for"Enable this Rule" uncheck that and assign it to all groups.