Endpoint Protection

Hi,
Did anyone moved from any third party vendor to the SEP ? like McAfee or ISS ? , i want to move the firewall rules which are already in place over there to SEP firewall. is there any tool which will be able to do it from Symantec ?

I am fairly confident that Symantec does no supply any tool that will do that. Maybe you can get 3rd party software to do it, I am not sure. One thing I just wanted to mention too was for you to check out the Competitive Uninstall feature located on CD 2 of the SEP install. I makes transitioning from competitors software easier. I also wanted to make sure that you knew about SCFMigration tool (or the Symantec Client Firewall Migration tool). This allows you to take a policy located on a client and push it out to all of your clients. This tool is also located on CD 2 of the SEP install. Hopefully these two tools make your life easier.

Cheers
Grant-

hey Grant,
thanks for the reply though i wished there could be any way i could import export rules as i have 1000 rule set :) i already have SAV as a primary Av and ISS as a firewall i was moving towards the SEP and i was thinking to consolidate it with SEP as firewall & av...
seems like its a long data entry...

Sorry for the late reply, I was just really hopeing someone else would jump in here on this one. I really don't have an answer for you. I have searched through all of our documentation again and I can't think of a way to do this. I have never done the transition myself from another vendor so I am afraid I might not be the best person to ask. I am writing this more now to bump this thread so you can hopefully get an answer faster.

Cheers and sorry I can't be more helpful
Grant

Thanks Grant,
the way i am thinking to do , haven't tried it yet ,
I have the exported rules from the ISS Proventia desktop firewall in excel and in xml format

I will add some rules in the Symantec Firewall console and then export them

Open the export file and will see if they are readable

If they are then i will edit and copy paste all of the stuff from ISS rules in it then import it  back.


let see if it works :)
do u know by any chance that if its readable/xml kinda import/export in SEP ? i will check and update in a while...

I am very curious to know if you got this to work. If you did that would be awesome! I have had posts about this before and it would be extremely helpful to many switching from other AV's to ours so if you could update us that would be great. I think the file format that the import export uses is .DAT so I don't know if this is helpful to you. You might be able to script something up that reads in the xml to add it to the .DAT   I am not sure what effect this will have on the machine when you go to import this back, so do this at your own risk. You might have already tried this, so if it works please update ; )

Thanks
Grant-

Any updates?

Hi Grant, i tried but if you look at the dat file its all encrypted , i cant just add things in there and i dono that there is any tool from symantec which can write to that dat file ( i know you can read the dat files)

so i went ahead and re designed my rules ( and i am gald i did that) so now i have better rules set with menaing full things in it and i managed to create lots of Host groups and network services and created 15 rules which pretty much do everythin :D
still need to test.. and i had another problem that i can see that my rules are applied to the client but not actually working... like not blocking incoming 80 port it is automatically allowing the inetsvr service... lets see i must be doing something wrong thats why the default rule is kicking in i think.,

hmm I can't say exactly what is going wrong here, I would need more info to be of help. Before we go that route lets just make sure the firewall rules are being applied correctly. I am sure you have already used this, but to double check if you want to look through this knowledge base it might give us a better idea of which step is going wrong when making the firewall rules. Here is the kb:

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008060208101648

I am glad you got the firewall rules made without too much trouble : D

Grant-