Network Threat Protection Stays active after Location Awareness Switch
SEPM and client are running 12.1.2015.2015.
Client is in a test group with 3 locations: On Network (no rules), VPN Network (by IP Ranges), Off Network (Cannot resolve, ping nor connect to the SEPM). On network has NTP and IPS disabled by policy. VPN and Off Network both have them enabled. Live Update policy points to Symantec servers for Off Network and VPN, but local SEPM or GUP for On Network.
Client is switching locations properly, and the live update policy works properly based on their location. But SOME clients that report being On Network are still blocking traffic via network threat.
My question is:
Can the firewall be enabled and disabled on the fly based on location awareness settings? Or would I be better served to create a firewall policy that is enabled, but allows all traffic, thus effectively turning off any blocking? My eventual goal is to turn firewall on for all three locations, but I am still testing our firewall rules and am not ready to implement it in production yet, but would like to add the extra security for off network and VPN clients immediately.
Any help/advice is much appreciated.