Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP 12 RU4 take control windows firewall

Created: 17 Dec 2013 | 10 comments

Dear guy

yesterday i had upgrade SEPM to 12.1 RU4, i was export client package and install on windows server ( Win 2008 ENT R2 & win 2012 STD R2) , after install successfull , SEP client take control windows firewall (see picture) . So now i cant control my firewall , all server i using mode: client control and firewall policy is NO action with windows firewall .

So i was try this step : change to mode : server control and restart . after that server windows firewall give me back control. 

IF i use SERVER control may be limit another admin access their server . This is server so i dont need to take control windows firewall because another admin need to control their server windows firewall without SEP firewall.

Can somebody help me ?

180px_sep ru4.jpg

Operating Systems:

Comments 10 CommentsJump to latest comment

James007's picture

HI,

You can check this blog and enable windows firewall

https://www-secure.symantec.com/connect/blogs/how-enable-windows-firewall-setting-windows-7-machine-sepm-1212

Using (Enabling) Windows Firewall with SEP NTP installed

 

Article:TECH197660  |  Created: 2012-10-01  |  Updated: 2012-11-02  |  Article URL http://www.symantec.com/docs/TECH197660

 

chihung's picture

Hi James007

I was try it before but dont helpful for me.Problem still there.

James007's picture

Hi,

Whet sep feature do you have install ?

Try to disable NTP feature in windows server

Disabling the Windows firewall

 

Article:HOWTO55336  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55336

Best Practices for using Windows Firewall with Symantec Endpoint Protection 12.1

 

Article:TECH196975  |  Created: 2012-09-20  |  Updated: 2012-09-20  |  Article URL http://www.symantec.com/docs/TECH196975

 

.Brian's picture

Set the option to Restore if Disabled in the policy

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

chihung's picture

hi all 

thanks all support. After I doing more and more testing , i prevent 2 situation:

1/ disable or unistall NTP : this step can make you take back control Windows FW if number of SEP client is small and NO Windows FW policy is applied on client

2/ Change client user control inteface setting : server control or mix .(see picture) After do it i was taken back windows FW And i choice this step and i think this is the best way . Why i choice this ? becasuse :

     a. I had more than 7000 SEP client ( server + client ) so I cant unstall NTP for each SEP client even if i deploy a new package for all. IT is impossible.

     b. I had some windows FW policy is applied for server ( ~200 server ) and client ( ~7000 PC) , and i dont want SEP FW overwrite 

     c. for all client i had used SNAC Host integrity ( safe enforce ) so i still need SEP FW for client

Summary : I need Windows FW + SEP FW live together. Nobody disable another.

I think this is SEPM 12.1 RU4 issuse , because before i upgrade SEPM  everything still good  . 

sep ru4.gif

 

chihung's picture

yes , before i post this thread , i was try that blog guide before but nothing change.

James007's picture

Does sep client received policy ?Did you check restart system after apply policy ?