Endpoint Protection

 View Only
  • 1.  RU4 SEP Firewall Status

    Posted Nov 01, 2013 11:02 AM

    I've been testing this out today, and have observed the same behviour as in RU2, RU2MP1, and RU3 whereby SEP clients that have the FW disabled by withdrawing the policy are still reporting as "disabled" in the SEPM's Home page report for "endpoints with disabled components".

    This appears to contradict the below fix in the latest notes:

    Client reports Firewall Status as “Disabled”
    Fix ID: 3115966
    Symptom: If you disable or withdraw the firewall policy from a client group, the clients display as “Disabled” on the Symantec Endpoint Protection Manager Home tab, under Endpoint Status. Clicking on the Endpoint Status chart shows the Firewall Status as “Disabled.” The Firewall Status should only display as “Disabled” if the end user disables the firewall.
    Solution: Implemented the creation of a registry key during a clean installation, kept during migration, to correctly trigger the “Disabled” firewall status report.

    http://www.symantec.com/docs/TECH211972

    This is for a machine and SEPM that has been upgraded from 12.1RU2.  The description seems to suggest the fix only applies to new installations.  I'd like to see confirmation if this is correct, if an uninstall/reinstall will implement the fix, and why it was chosen to omit existing clients from this fix.

    Cheers guys!



  • 2.  RE: RU4 SEP Firewall Status

    Posted Nov 01, 2013 11:08 AM
    What happens if a repair is done?


  • 3.  RE: RU4 SEP Firewall Status

    Posted Nov 01, 2013 11:11 AM

    I've not had a chance to do any further tests yet.  The ones planned are:

    • repair
    • unninstall & reinstall
    • Cleanwipe and reinstall
    • Clean build and install

    But I was after official word on what was intended



  • 4.  RE: RU4 SEP Firewall Status

    Posted Nov 02, 2013 01:01 PM

    Hi

    The same has been observed on our site

    Regards

     

     



  • 5.  RE: RU4 SEP Firewall Status
    Best Answer

    Trusted Advisor
    Posted Nov 04, 2013 06:43 AM

    Hello,

    I am currently working with Backline Teams on this issue.

    I would request you to contact Symantec Technical Support and create a case. Once done, please PM me the case #.

    Check these Steps below:

    How to create a new case in MySymantec

    http://www.symantec.com/business/support/index?page=content&id=TECH58873

    Phone numbers to contact Tech Support:-

    Regional Support Telephone Numbers:

    • United States: https://support.broadcom.com (407-357-7600 from outside the United States)
    • Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
    • United Kingdom: +44 (0) 870 606 6000

    Additional contact numbers: http://www.symantec.com/business/support/contact_t...

    Hope that helps!!


  • 6.  RE: RU4 SEP Firewall Status

    Posted Nov 06, 2013 09:44 AM

    I shall pursue this with Symantec Support when I next have a moment.