Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP 12 Query

Created: 30 Jan 2010 • Updated: 01 Aug 2010 | 2 comments

Hi folks

I'm just after some information/assistance on the above product.

I'm a newbie exploring the MS Server 2008 R2 system and have created a domain etc with 1 Windows 7 client computer.  I have purchased SEP 12 Small Business Edition  for my server and clients and installed everything. 

When I open up the protection client on the server/win7 client  I see 2 headings in the main window; Virus and Spyware Protection, Poractive Threat Protection.  I do not see anything which states a firewall is installed.  Should there be something visible?

Furthermore, on the server, the PTP shows as off but yet still has a green/white tick next to it.  Is it working or not?

Also, I've tested the firewell using a PCFlank.com test and it fails on some elements:

Are these good or bad results??

Thanking you in advance

Chris D

We have scanned your computer' ports used by the most widespread trojan horses. Here is the description of possible ports' statuses:

"Stealthed" (by a firewall) -Means that your computer is invisible to others on the Internet and protected by a firewall or other similiar software;
"Closed" (non-stealthed) - means that this port is closed, but your computer is visible to others on the Internet that can be potentially dangerous;
"Open" - Means that this port is ready to establish (or has already established) a connection with remote address. It also means that your computer is vulnerable to attacks and could have been already hacked or infected by a trojan/backdoor;

  Port: Status     Service     Description
  21   stealthed     FTP     File Transfer Protocol is used to transfer files between computers
  23   stealthed     TELNET     Telnet is used to remotely create a shell (dos prompt)
  80   stealthed     HTTP     HTTP web services publish web pages
  139   stealthed     NETBIOS Session Service     NetBios is used to share files through your Network Neighborhood
  1080   stealthed     SOCKS PROXY     Socks Proxy is an internet proxy service
  1243   stealthed     SubSeven     SubSeven is one of the most widespread trojans
  3128   stealthed     Masters Paradise and RingZero     Trojan horses
  12345   stealthed     NetBus     NetBus is one of the most widespread trojans
  12348   stealthed     BioNet     BioNet is one of the most widespread trojan
  27374   stealthed     SubSeven     SubSeven is one of the most widespread trojans
  31337   stealthed     Back Orifice     Back Orifice is one of the most widespread trojans
  135   closed     RPC     Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
  137   closed     NETBIOS Name Service     NetBios is used to share files through your Network Neighborhood
  138   closed     NETBIOS Datagram Service     NetBios is used to share files through your Network Neighborhood

Welcome to the PCFlank Leaktest results page.

Here are the results of your firewall handling PCFlank Leaktest. If in a table below you see the text you recently typed in while taking the test, this means your firewall has flunked it.

Your current PCFlank Leaktest Stats
IP Date Text
82.9.85.103 Jan 30, 2010 10:29:03 GMT ttrrt
82.9.85.103 Jan 30, 2010 09:30:17 GMT 1234
82.9.85.103 Jan 30, 2010 09:30:01 GMT chris
 

Total number of tests performed: 336135

Comments 2 CommentsJump to latest comment

Rafeeq's picture

hello chris,

here are few things which you can do with sep12
the firewall policies are scaled down

http://www.symantec.com/connect/articles/symantec-endpoint-protection-small-business-edition-120-frequently-asked-questions

PTP will be off on SERVER OS however it will be on on Winxp, win7 clients, its by design, its working fine so dont worry about it.

on any one client which has 2 headings listed
go to add/remove programs
select symatnec endpont
selcect modify
select firwall and then this feature will be available
run the install, you should see three components now
 

ChrisD3297's picture

Hi that's great stuff, thanks I'll give that a go.

One other Q I do have is that every so often  warning messages pop up from the Win7 Action Centre; a driver was incompatible and has been disabled..Any thoughts?

Regards

CD

P.S.  Even though the PTP is off on the server I take it I am still protected adequately? or would you suggest another tier of security?