Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

RU2 Difference - SEP Firewall Behaviour Changed

Created: 19 Dec 2012 | 1 comment
SMLatCST's picture

RU2 clients that are installed with the Firewall component, but that have the Firewall policy withdrawn, are reported within the SEPM's Home Security Status (and Clients -> Protection Techonlogies) as having NTP disabled.

This does not affect 12.1RU1MP1 clients reporting to a RU2 SEPM, which report the Firewall is enabled even if the FW Policy has been withdrawn as per:

http://www.symantec.com/docs/TECH162868

From a technical view, I'd assume the above article is still correct as IPS is still in enabled and in use.  But the way the client reports its status to the SEPM has changed.

Ideally we want the SEPM to be able to differentiate between a client's SEP firewall being disabled by the FW policy being withdrawn (SEP Administrator does not want the client FW to be on), and the FW being disabled by the end user (SEP Admin wants the FW to be on, but end user has disabled it and has the power to do so).  I've created this as an "Idea" as below:

https://www-secure.symantec.com/connect/ideas/diff...

Comments 1 CommentJump to latest comment

Ajit Jha's picture

Hmm, its true. Saw ur Idea, i agree.

Regard's

Ajit Jha

Technical Consultant

ASC & STS