SEP Firewall Rule Creation

Created: 19 Apr 2010 • Updated: 22 Oct 2010 | 7 comments

I am looking for a way to create firewall rules either via a command line or any other batch way. My goal is to create a rule, or host group, that would block an entire country, i.e. China, being that most of the issues are coming from there, and I don't want to have to type in 1000+ IPs and subnets.

An example text file would contain:
# Country: ALBANIA
# ISO Code: AL
# Total Networks: 21
# Total Subnets:  156,928
77.242.16.0/255.255.240.0
79.98.112.0/255.255.248.0
79.106.0.0/255.255.0.0
79.171.48.0/255.255.248.0
80.78.64.0/255.255.240.0
80.90.80.0/255.255.240.0
80.91.112.0/255.255.240.0
84.20.64.0/255.255.224.0
91.210.136.0/255.255.252.0
92.60.16.0/255.255.240.0
...
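
Added example, not part of the original post and not Symantec code: a Python sketch that parses a list in the layout shown above, rejects malformed or risky entries, and merges duplicate and adjacent blocks so fewer host-group entries have to be entered. It does not write to SEPM; the function names and the lines marked constructed are assumptions made for illustration.

```python
import ipaddress

# Sample in the post's layout; lines 6 and 8-11 are constructed test cases.
SAMPLE = """\
# Country: ALBANIA
# ISO Code: AL
# Total Networks: 21
77.242.16.0/255.255.240.0
79.106.0.0/255.255.0.0
79.106.0.0/255.255.0.0
80.78.64.0/255.255.240.0
80.78.80.0/255.255.240.0
80.78.65.0/255.255.240.0
84.20.64.0/255.0.255.0
192.168.0.0/255.255.0.0
...
"""

def parse_blocklist(text):
    """Return (header dict, accepted networks, [(line_no, line, reason)])."""
    meta, nets, rejected = {}, [], []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line == "...":
            continue
        if line.startswith("#"):              # "# Key: value" header lines
            key, sep, value = line[1:].partition(":")
            if sep:
                meta[key.strip()] = value.strip()
            continue
        try:
            # Strict parsing: host bits must be zero, mask must be contiguous.
            net = ipaddress.IPv4Network(line)
            # Guard against a pasted list blocking internal or huge ranges.
            if net.is_private or net.prefixlen < 8:
                raise ValueError("private or over-broad range refused")
            nets.append(net)
        except ValueError as exc:
            rejected.append((no, line, str(exc)))
    return meta, nets, rejected

def to_host_group_rows(nets):
    """Merge duplicates and adjacent blocks; return (cidr, first_ip, last_ip)."""
    return [(str(n), str(n[0]), str(n[-1]))
            for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    meta, nets, rejected = parse_blocklist(SAMPLE)
    for row in to_host_group_rows(nets):
        print(*row)
    for no, line, why in rejected:
        print(f"line {no} rejected: {line} ({why})")
```

Review the rejected lines before anything is entered in a host group; a list from an outside source should not be trusted to contain only the ranges its header claims.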

Vikram Kumar-SAV to SEP's picture

Currently there isn't a command line to do that. However, if you are using SQL, then there might be a way of doing that.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

cmader's picture

I am using the integrated database, is there a way to connect to that database and modify a table, or does that option only work with MS-SQL?

Thanks!

P_K_'s picture

There is no functionality in SEPM to create a rule via command line or via batch file.

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

Vikram Kumar-SAV to SEP's picture

It's all about tweaking the database. Since the embedded database is Sybase DB, a free DB, there isn't much tweaking that can be done, and you need expertise in Sybase DB in order to do that. However, it's easier in SQL to do that.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

thatdude's picture

I use host lists that have many entries. I need to create one that will have over 500 subnets included, and I'm dreading the fact that I have to enter it one by one. I may try the SQL suggestion, but the GUI should be able to accept a list instead of only allowing one at a time.

Grant_Hall's picture

You guys are right, this really needs to be implemented. Personally I have only had to do 100 at once, and even that seemed like far too many. One of you should create a new Idea in our ideas section of the forum, https://www-secure.symantec.com/connect/security/ideas, and explain how you think it should be best implemented. Maybe through an external file, or better SQL support, or through the GUI somehow.

Thanks
Gran

Please don't forget to mark your thread solved with whatever answer helped you : )

cmader's picture

I have created a new idea thread at https://www-secure.symantec.com/connect/idea/import-host-text-file if anyone would like to comment on it, so that an import option can be created for us.