Video Screencast Help

SEP 11.0.5002.333 firewall randomly doesn't load - Windows 7 SP1

Created: 11 Aug 2012 | 7 comments

We have a bunch of machines that are all created from a standardized image, sysprepped, and then applied to many computers using Windows Deployment Services.

Out of a group of about 25 machines, on 2 - 4 of them the SEP 11 firewall will fail to load and the Windows firewall is used instead.

For the most part this isn't a huge problem with the default Windows domain firewall config, but this doesn't have remote management services passthrough enabled, so the machines are hard to centrally manage.

====

,

When everything is working, I see this in the Windows Firewall settings:

,

,

 

However, for the machines where SEP 11 firewall isn't loading, I see this:

,

,

But the SEP 11 client doesn't say there are any problems:

,

,

And there's nothing in the log files

,

,

,

,

The Windows System and Application logs also show no errors:

,

,

So, I have no idea what the problem is. I don't see a way on the local SEP 11 client to view its firewall configuration.

Apparently it is fully policy based and tells the local user absolutely nothing, but if it is broken then there is also no way to discover locally what is going on.

 

Comments 7 CommentsJump to latest comment

Mick2009's picture

Hi Dale,

The very first thing I would recommend is to upgrade those SEP clients.  SEP 11 RU5 is not supported on Win7 SP1.  That's a combination that was never tested/certified.

Support was introduced with SEP 11 RU7.  https://www-secure.symantec.com/connect/ideas/symantec-endpoint-protection-support-microsoft-windows-7-service-pack-1-and-windows-server-200

Personally, I prefer the very latest SEP 12.1 release.

Hope this helps!  &: )

With thanks and best regards,

Mick

Chetan Savade's picture

Hi,

As Mick said, please upgrade to the latest version.

Check latest SEP releases here:

http://bit.ly/m0vOJp

You have two available upgrade paths.

SEP 11.0.5000.233 i.e. RU5 --> RU7 --> RU7 MP2

OR

SEP 11.0.5000.233 i.e. RU5 --> SEP 12.1 RU1 --> SEP 12.1 RU1 MP1

Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

John Q.'s picture

Just to complete Mick's post: Windows 7 SP1 is supported from SEP 11.0 RU7 (http://www.symantec.com/docs/TECH167664).

I have had some cases in the past showing odd Firewall behaviour like yours, I would then strongly recommend you to update, as previously mentioned.

 

Please remember to mark the proper comment as SOLUTION:
 - to identify threads that do not require further assistance
 - to let other visitors know how to fix such issue

Dale Mahalko's picture

So, what update options are available if we didn't renew maintenance one year after the initial purchase in June 2010?

The 11.0.5 management server and clients check for "updates" by itself and says nothing is available.

,

Are RU's free or will this end up costing us $5000 to relicense everything?

If that is the situation, I may just disable the SEP firewall, use Window's builtin firewall and GPOs, and only use the antivirus component with Win 7 SP1.

 

John Q.'s picture

If your licenses/contracts are still valid, you can find SEP 11.0 RU7 sources on https://fileconnect.symantec.com.

If all your licenses and contracts have expired, well you are in an illegal spot and we cannot help you much...

 

Please remember to mark the proper comment as SOLUTION:
 - to identify threads that do not require further assistance
 - to let other visitors know how to fix such issue

Chetan Savade's picture

Are RU's free or will this end up costing us $5000 to relicense everything?

--> Release updates are free if product has a valid license, as per comment it seems product is expired on June'11.

Please get in touch with reseller or business partner even you can call Symantec license department.

Licensing Symantec Endpoint Protection

http://www.symantec.com/docs/HOWTO55056

Purchasing licenses

http://www.symantec.com/docs/HOWTO55072

Where to buy a Symantec product license

http://www.symantec.com/docs/HOWTO55298

Product license requirements

http://www.symantec.com/docs/HOWTO55074

Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Dale Mahalko's picture

I will see what the portal says the licensing status is. I was not involved in the original purchasing.