Endpoint Protection

Hi,

How is this possible to assign two different policies into one same group (the screenshot shows that tehe Default group can have more than one firewall policy):

Use location awareness

You need to setup multiple locations and than you can assign each location to have a different policy if you wish. Only one policy can be assigned to a group location but you can assign different policies to different locations.

Best Practices for Symantec Endpoint Protection Location Awareness

Enabling location awareness for a client

Adding a location to a group

More about Location Awareness in Symantec Endpoint Protection (SEP)

Hi John,

I agree with Brian.

If we have multiple locations configured for the groups we can assign diffrent policies for each location.

for eg:- If you have two locations as "inside office" & "outside office" then we can have policies different when they are in specific locations.If you want to block internet when its outside office but want to enable internet when it is inside office then we can configure policies to achieve it.

If you want to find out which policy is used in specific locaitons then you would need to go from clients tab and check the policies for those specific locations.

- MASH

ok, then I should go to the Client tab then go to Policy ... ? 

Yes

To add a location with a wizard'

1. In the console, click Clients.
2. On the Clients page, under View Clients, select the group to add one or more locations to.
3. On the Policies tab, uncheck Inherit policies and settings from parent group "group name".
Add locations only to groups that do not inherit policies from the parent group.
4. Under Tasks, click Add Location.
5. In the Welcome to the Add Location Wizard panel, click Next.
6. In the Specify Location Name panel, type a name and description for the new location, and click Next.
7. In the Specify a Condition panel, select any of the following conditions under which a client switches from one location to another:
No specific condition Select this option so that the client can choose this location if multiple locations are available.

http://www.symantec.com/business/support/index?page=content&id=TECH97369

Hello,

How to add more than two Location based settings firewall policy to the newly created group ?

1) First create a new location.

Clients Tab--> click on policies on right pane--> click on "Add Location" and follow the wizard.

2) Once the location is added go to Policies tab which is below reports tab on the left side.

3) When you apply a policy just right click and you will be able to find all the groups and all the locations inside the group. You can select it location wise .

You can achieve it only through enabling location awareness - then each location can have a separate policies.

But looking on your first screenshot - I see it was taken from the Policies Tab and not directly from a Clients/group - are those seen policies there assigned to the same group?

Hi,

It's not possible to assign two firewall policies at the same time until you use location awareness policy.

Combine both the policies firewall rule & make it a single firewall policy. In this way it should work. 

Than click on "Add Location" and add another location