ICS services need to be blocked from SEPM application control need steps, this is to block wifi hotspot internet sharing which use ICS services ??

Created: 04 Feb 2013 | 6 comments

Nagaraj Kukke Partner

Hi,

I need to stop ICS services to prevent system sharing internet through wifi hotspot using third party softwares, where all wifi hotspot softwares will use ICS services to share internet, need steps to block the ICS services in SEPM application control.

Thanks in advance.

Regards,

NAGARAJ KUKKE

Discussion Filed Under:

Security, Endpoint Protection (AntiVirus) - 12.x, Endpoint Protection (AntiVirus), Configuring, Features, Uninstall

Group Ownership:

PartnerNet Group

Show Less

Login or register to post comments
Comments RSS Feed

Comments 6 Comments • Jump to latest comment

Brian81 Trusted Advisor

ICS services need to be blocked from SEPM application control need steps, this is to block wifi hotspot internet sharing which use ICS services ?? - Comment:04 Feb 2013 : Link

I don't believe can stop services out right. It would have to be blocked or terminated. Need to do it with GPO

You can block the wireless traffic, using this guide as a template

How to block all Wireless traffic when an Ethernet interface is active using Symantec Endpoint Protection

Article:TECH104970

Created: 2008-01-21

Updated: 2011-12-28

Article URL http://www.symantec.com/docs/TECH104970

SEP Knowledge Base

Endpoint SWAT

Ashish-Sharma Partner

ICS services need to be blocked from SEPM application control need steps, this is to block wifi hotspot internet sharing which use ICS services ?? - Comment:04 Feb 2013 : Link

HI,

You can't Stop ICS services through SEPM adc policy.

You can do this for group policy

http://technet.microsoft.com/en-us/library/cc770930(v=ws.10).aspx

Thanks In Advance

Ashish Sharma

SEPM Knowledgebase Documents

Ajit Jha Partner

ICS services need to be blocked from SEPM application control need steps, this is to block wifi hotspot internet sharing which use ICS services ?? - Comment:04 Feb 2013 : Link

No no. Stopping the Windows Services using SEPM is not possible. But you can create a Firewall rule to Block the Wireless Traffic:

Block Wireless traffic using a Firewall rule

Select Clients> Policies in the Symantec Endpoint Protection Manager console.
Under "View Policies", select Firewall.
Double click the Firewall Policy for the "Ethernet" location.
Select Rules on the left
Click the "Add a new Blank Rule." button on the lower right side of the window.
Select the Blank Rule made in the previous step and move it to the top of the rule list.
Double click Action and select Block.
Double click Adapter and select Wireless.
Leave "Application", "Host", "Service" and "Time" as Any.
Click OK. The action is now completed.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

Nagaraj Kukke Partner

ICS services need to be blocked from SEPM application control need steps, this is to block wifi hotspot internet sharing which use ICS services ?? - Comment:04 Feb 2013 : Link

Hi,

Blocking the wifi adapter is not possible where all of our systems connect through wifi, few third party application software will modify the wifi adapter as wifi portable hotspot as access point where few users will connect it to using the sharing internet, I need to block only ICS services through SEPM application, ICS services will start manually when wifi hotspot software starts and stops when application stops.

regards,

nagaraj kukke

Thanks & Regards,

Nagaraj Kukke