Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

ICS services need to be blocked from SEPM application control need steps, this is to block wifi hotspot internet sharing which use ICS services ??

Created: 04 Feb 2013 | 6 comments
Nagaraj Kukke's picture

Hi,

I need to stop ICS services to prevent system sharing internet through wifi hotspot using third party softwares, where all wifi hotspot softwares will use ICS services to share internet, need steps to block the ICS services in SEPM application control.

Thanks in advance.

Regards,

NAGARAJ KUKKE

Comments 6 CommentsJump to latest comment

.Brian's picture

I don't believe can stop services out right. It would have to be blocked or terminated.  Need to do it with GPO

You can block the wireless traffic, using this guide as a template

How to block all Wireless traffic when an Ethernet interface is active using Symantec Endpoint Protection

Article:TECH104970  |  Created: 2008-01-21  |  Updated: 2011-12-28  |  Article URL http://www.symantec.com/docs/TECH104970

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Ajit Jha's picture

No no. Stopping the Windows Services using SEPM is not possible. But you can create a Firewall rule to Block the Wireless Traffic:

Block Wireless traffic using a Firewall rule

  1. Select Clients> Policies in the Symantec Endpoint Protection Manager console.
  2. Under "View Policies", select Firewall.
  3. Double click the Firewall Policy for the "Ethernet" location.
  4. Select Rules on the left
  5. Click the "Add a new Blank Rule." button on the lower right side of the window.
  6. Select the Blank Rule made in the previous step and move it to the top of the rule list.
  7. Double click Action and select Block.
  8. Double click Adapter and select Wireless.
  9. Leave "Application", "Host", "Service" and "Time" as Any.
  10. Click OK. The action is now completed.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

Nagaraj Kukke's picture

Hi, 

Blocking the wifi adapter is not possible where all of our systems connect through wifi, few third party application software will modify the wifi adapter as wifi portable hotspot as access point where few users will connect it to using the sharing internet, I need to block only ICS services through SEPM application, ICS services will start manually when wifi hotspot software starts and stops when application stops.

regards,

nagaraj kukke

Thanks & Regards,

Nagaraj Kukke

.Brian's picture

SEPM ADC does not allow for stopping services.

This would need to be done with a GPO

Enable or disable Internet Connection Sharing with Group Policy

http://technet.microsoft.com/en-us/library/cc77093...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

By Default, SEP firewall Allows Internet Connection Sharing.

Please Enable or disable Internet Connection Sharing with Group Policy

http://technet.microsoft.com/en-us/library/cc770930%28v=ws.10%29.aspx

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.