Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

install sep firewall required on an unmanaged dectector??

Created: 24 Jun 2012 | 3 comments

I have enabled a few machines as unmanaged dectors. Do i also need to install the sep firewall component on the unmanaged detectors?
Is this Really necessary?

Comments 3 CommentsJump to latest comment

pete_4u2002's picture

it is necessary as it add more security. However the end user should be aware to manager the firewall rules. On unamnaged client end user will fine tune the firewall rules as this computer do not report to SEPM to get the policy/content.

Firewall Policies on Unmanaged Clients

http://www.symantec.com/docs/TECH105725

Mithun Sanghavi's picture

Hello,

In order to act as an unmanaged detector, SEP clients must have Network Threat Protection (NTP) enabled and be in Computer Mode. User Mode clients or clients without the firewall component (NTP) cannot act as unmanaged detectors.

To configure the client as an unmanaged detector, you must do the following actions:

•Enable Network Threat Protection.
•Switch the client to computer mode.
•Install the client on a computer that runs all the time.
•Enable only Symantec Endpoint Protection clients as unmanaged detectors.
 
 
Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

greg12's picture

As Mithun says, you have to enable NTP or, to put it more precisely, you need to install the UD with a packet with enabled NTP. But that doesn't mean you need to use the NTP components (firewall/IPS). It's possible to withdraw the Firewall and IPS policies in the UD group .