Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

SEP 12 RU4 take control windows firewall

Created: 17 Dec 2013 | 10 comments

Dear guy

yesterday i had upgrade SEPM to 12.1 RU4, i was export client package and install on windows server ( Win 2008 ENT R2 & win 2012 STD R2) , after install successfull , SEP client take control windows firewall (see picture) . So now i cant control my firewall , all server i using mode: client control and firewall policy is NO action with windows firewall .

So i was try this step : change to mode : server control and restart . after that server windows firewall give me back control. 

IF i use SERVER control may be limit another admin access their server . This is server so i dont need to take control windows firewall because another admin need to control their server windows firewall without SEP firewall.

Can somebody help me ?

180px_sep ru4.jpg

Operating Systems:

Comments 10 CommentsJump to latest comment

James007's picture

HI,

You can check this blog and enable windows firewall

https://www-secure.symantec.com/connect/blogs/how-enable-windows-firewall-setting-windows-7-machine-sepm-1212

Using (Enabling) Windows Firewall with SEP NTP installed
Article:TECH197660  |  Created: 2012-10-01  |  Updated: 2012-11-02  |  Article URL http://www.symantec.com/docs/TECH197660
chihung's picture

Hi James007

I was try it before but dont helpful for me.Problem still there.

James007's picture

Hi,

Whet sep feature do you have install ?

Try to disable NTP feature in windows server

Disabling the Windows firewall
Article:HOWTO55336  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55336
Best Practices for using Windows Firewall with Symantec Endpoint Protection 12.1
Article:TECH196975  |  Created: 2012-09-20  |  Updated: 2012-09-20  |  Article URL http://www.symantec.com/docs/TECH196975
Brɨan's picture

Set the option to Restore if Disabled in the policy

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

chihung's picture

hi all 

thanks all support. After I doing more and more testing , i prevent 2 situation:

1/ disable or unistall NTP : this step can make you take back control Windows FW if number of SEP client is small and NO Windows FW policy is applied on client

2/ Change client user control inteface setting : server control or mix .(see picture) After do it i was taken back windows FW And i choice this step and i think this is the best way . Why i choice this ? becasuse :

     a. I had more than 7000 SEP client ( server + client ) so I cant unstall NTP for each SEP client even if i deploy a new package for all. IT is impossible.

     b. I had some windows FW policy is applied for server ( ~200 server ) and client ( ~7000 PC) , and i dont want SEP FW overwrite 

     c. for all client i had used SNAC Host integrity ( safe enforce ) so i still need SEP FW for client

Summary : I need Windows FW + SEP FW live together. Nobody disable another.

I think this is SEPM 12.1 RU4 issuse , because before i upgrade SEPM  everything still good  . 

sep ru4.gif

chihung's picture

yes , before i post this thread , i was try that blog guide before but nothing change.

James007's picture

Does sep client received policy ?Did you check restart system after apply policy ?