Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP 12.1 RU2 Firewall Policy Compatible with SEP 11 Clients?

Created: 13 Feb 2013 • Updated: 29 May 2013 | 5 comments
This issue has been solved. See solution.

Recently upgraded SEPM to 12.1 RU2.  Currently we are not running the Firewall Policy enabled.  We are looking at enabling the Firewall Policy here in the near future.  One of the questions that was raised is in reference to the Firewall Policy being applied to SEP 11 and SEP 12 clients. 

Can we use one Firewall Policy across both versions?  If not how do we identify separation between the two versions? 

One other question, does the Firewall Policy work similar to how the LiveUpdate Policy works where there is new additional features(Explicit Group Update Providers) that are only compatible with SEP 12 clients?  If yes, can someone identify which portions of the new Firewall Policy only apply to SEP 12 clients?

Comments 5 CommentsJump to latest comment

.Brian's picture

Yes, the 12.1 policy will apply to 11.x clients. If there are features specific to 12.1 than they wouldn't apply. But there isn't a whole of difference between 11.x and 12.1

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
SEP_FMI's picture

Do you know by chance what the specific differences are? 

I just don't want to apply settings within the policy and let people know that they are now in place only to find out that SEP 11 is not accepting them.

.Brian's picture

More "default" rules were added. Check them here:

Default Symantec Endpoint Protection 12.1 RU1 Firewall Policy explanation

Article:TECH180569  |  Created: 2012-02-02  |  Updated: 2012-02-02  |  Article URL http://www.symantec.com/docs/TECH180569

 

But basically:

What's new in SEP 12.1?

Ø  New Default FW rules (Allow Web Service, LLMNR, SSDP on private networks)

Ø  FW rule for TCP/UDP is now effective for both ipv4 and ipv6 traffic. All FW rule columns are applied for both ipv4 and ipv6 traffic. Ex: port, application, action, time, etc.

Ø  Limited IPv6 support. i.e.

-           The FW rule does not allow user to specify ipv6 address.

-           Use ‘All hosts’ for the ‘Hosts’ column

-           This means all ipv4 and ipv6 addresses

-           Traffic, Packet, Security Logs can display ipv4/ipv6 addresses.

-           No support yet for IPv6 tunneling (ISATAP, Teredo, etc).

Ø  Ability to disable FW policy on Client UI

Ø  Option to disable Windows Firewall

Ø  Decoupling FW and IPS component

Ø  FW rule support “Local Subnet”

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

AjinBabu's picture

HI, 

As Brian said, it can use 12.1 policies on 11.x clients.

Regards

Ajin

AjinBabu's picture

HI, 

Please find the Below also

Feature mapping between 11.x and 12.1 clients

When you upgrade clients using the autoupgrade feature, and check the Maintain Existing Features option, the features that are configured in legacy clients are mapped to the new version.

The tables in this section depict the feature mapping between previous versions and the new version of Symantec Endpoint Protection for common update scenarios.

If you migrate from a previous version, be aware that Antivirus and Antispyware Protection in Symantec Endpoint Protection 11.x is called Virus and Spyware Protection in version 12.1.

compares the default protection technologies between 11.x and 12.1 clients.

Table: 11.x to 12.1 default client protection

Default 11.x client protection

Default 12.1 client protection

Antivirus + TruScan

Antivirus + SONAR + Download Insight

Antivirus

Antivirus + Basic Download Insight

Antivirus without Proactive Threat Protection

Antivirus without SONAR or Download Insight

Table: 11.x to 12.1 full protection

Existing 11.x features installed

12.1 features installed after Autoupgrade

Antivirus and Antispyware Protection

·         Antivirus and Antispyware Protection

Virus and Spyware Protection

·         Basic Virus and Spyware Protection

·         Download Insight

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Proactive Threat Protection

·         TruScan proactive threat scan

·         Application and Device Control

Proactive Threat Protection

·         SONAR

·         Application and Device Control

Network Threat Protection

·         Network Threat Protection

·         Intrusion Prevention

Network Threat Protection

·         Network Threat Protection

·         Intrusion Prevention

Table: 11.x to 12.1 AV only

Existing 11.x features installed

12.1 features installed after Autoupgrade

Antivirus and Antispyware Protection

·         Antivirus and Antispyware Protection

Virus and Spyware Protection

·         Basic Virus and Spyware Protection

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Table: 11.x to 12.1 AV + Proactive Threat Protection

Existing 11.x features installed

12.1 features installed after Autoupgrade

Antivirus and Antispyware Protection

·         Antivirus and Antispyware Protection

Virus and Spyware Protection

·         Basic Virus and Spyware Protection

·         Download Insight

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Proactive Threat Protection

·         TruScan proactive threat scan

·         Application and Device Control

Proactive Threat Protection

·         SONAR

·         Application and Device Control

 

Network Threat Protection

·         Intrusion Prevention System

Table: 11.x to 12.1 (full version) firewall only

Existing 11.x features installed

12.1 features installed after Autoupgrade

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

·         Lotus Notes Scanner

Proactive Threat Protection

·         Application and Device Control

Proactive Threat Protection

·         Application and Device Control

Network Threat Protection

·         Network Threat Protection

Network Threat Protection

·         Network Threat Protection

Note:

The 12.x version only includes the firewall

Table: 12.0 Small Business Edition to 12.1 (full version)

Existing 12.0 Small Business Edition features installed

12.1 features installed after Autoupgrade

Antivirus and Antispyware Protection

·         Antivirus and Antispyware Protection

Virus and Spyware Protection

·         Basic Virus and Spyware Protection

·         Download Insight

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

Auto-Protect Email Protection

·         POP3/SMTP Scanner

·         Microsoft Outlook Scanner

Proactive Threat Protection

·         TruScan proactive threat scan

Proactive Threat Protection

·         SONAR

·         Application and Device Control

Network Threat Protection

·         Firewall and Intrusion Prevention

Network Threat Protection

·         Network Threat Protection

·         Intrusion Prevention

Regards

Ajin