Video Screencast Help

RU4 SEP Firewall Status

Created: 01 Nov 2013 • Updated: 11 Feb 2014 | 5 comments
SMLatCST's picture

I've been testing this out today, and have observed the same behviour as in RU2, RU2MP1, and RU3 whereby SEP clients that have the FW disabled by withdrawing the policy are still reporting as "disabled" in the SEPM's Home page report for "endpoints with disabled components".

This appears to contradict the below fix in the latest notes:

Client reports Firewall Status as “Disabled”
Fix ID: 3115966
Symptom: If you disable or withdraw the firewall policy from a client group, the clients display as “Disabled” on the Symantec Endpoint Protection Manager Home tab, under Endpoint Status. Clicking on the Endpoint Status chart shows the Firewall Status as “Disabled.” The Firewall Status should only display as “Disabled” if the end user disables the firewall.
Solution: Implemented the creation of a registry key during a clean installation, kept during migration, to correctly trigger the “Disabled” firewall status report.

This is for a machine and SEPM that has been upgraded from 12.1RU2.  The description seems to suggest the fix only applies to new installations.  I'd like to see confirmation if this is correct, if an uninstall/reinstall will implement the fix, and why it was chosen to omit existing clients from this fix.

Cheers guys!

Operating Systems:

Comments 5 CommentsJump to latest comment

Brɨan's picture

What happens if a repair is done?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SMLatCST's picture

I've not had a chance to do any further tests yet.  The ones planned are:

  • repair
  • unninstall & reinstall
  • Cleanwipe and reinstall
  • Clean build and install

But I was after official word on what was intended

SameerU's picture


The same has been observed on our site


Mithun Sanghavi's picture


I am currently working with Backline Teams on this issue.

I would request you to contact Symantec Technical Support and create a case. Once done, please PM me the case #.

Check these Steps below:

How to create a new case in MySymantec

Phone numbers to contact Tech Support:-

Regional Support Telephone Numbers:

  • United States: 800-342-0652 (407-357-7600 from outside the United States)
  • Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
  • United Kingdom: +44 (0) 870 606 6000

Additional contact numbers:

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SMLatCST's picture

I shall pursue this with Symantec Support when I next have a moment.