Endpoint Protection

 View Only

  • 1.  SEP RU5 installed with Network Protection disables Windows 7 firewall.

    Posted Nov 10, 2009 04:10 PM

    Win7 x64bit       

    I am running in a domain as ADMIN.       

    This is the first deployment of a Win7 x64 Operating Systems in the domain.

    No GPO firewall Policy deployed.

    I just deployed the newest version of Symantec Endpoint Protection 11.0.5, upgraded from 11.0.4.

    After installing the SEP RU5 client, I went to the Windows Firewall control panel and saw the following text: "These settings are being managed by vendor application Symantec Endpoint Protection".

    My question is: “How do I now manage my firewall settings?”

    I do know that if I do not install the SEP11 Network Protection part of the SEP 11 install, the windows firewall is not disabled and acts normally.

    If I deploy SEP RU5 on WIN7 systems throughout my domain I want to have control of the windows firewalls on all systems.













  • 2.  RE: SEP RU5 installed with Network Protection disables Windows 7 firewall.

    Posted Nov 10, 2009 04:27 PM
    Network threat protection IS the firewall. So you can't have TWO firewalls running so the SEP install says since you are installing my SEP firewall (network threat protection) we must disable the windows firewall, which is really a pretty lame firewall.
    Personally, we are required here to use a centrally managed firewall, SEP fits that bill - or SEP's network threat protection does, so we want the Windows firewall off.
    In other words, you are installing a firewall, so it's normal for it to disable the Windows firewall.
    If you want to run the Windows firewall, don't install SEP's network protection


  • 3.  RE: SEP RU5 installed with Network Protection disables Windows 7 firewall.

    Posted Nov 10, 2009 04:38 PM
    Through Network threat protection; how do I manage the firewall then?


  • 4.  RE: SEP RU5 installed with Network Protection disables Windows 7 firewall.

    Posted Nov 10, 2009 04:42 PM

    By modifying the firwall policy (or policies) within the SEPM Console.



  • 5.  RE: SEP RU5 installed with Network Protection disables Windows 7 firewall.

    Posted Nov 18, 2009 04:03 PM
    OK, let's say I want to run Windows Firewall instead of the firewall included in SEP, but I need (for compliance reasons) to have Intrusion Prevention turned on.  On our Vista and XP clients, I've managed to do this by installing the full SEP package with no firewall policy for the client groups.  I then push out the globally applicable firewall rules via Group Policy.  SEP doesn't block anything other than detected intrusion events, and Windows Firewall does the rest.  Is this still possible under Windows 7?  On my laptop, which isn't part of our corporate domain, it appears that once SEP is installed, it is impossible for me to enable Windows Firewall by any means.  I wonder if on our domain computers, the GPO will override SEP's forced disabling of the Windows Firewall, or if Windows 7 computers handle multiple firewalls in such a way that I cannot continue to do what I have been.  I tried testing this on a virtual machine, but I cannot get SEP to install in that environment.  I have a Windows 7 system on order, but was hoping maybe someone could share their experience if they are (or have tried) doing something similar.


  • 6.  RE: SEP RU5 installed with Network Protection disables Windows 7 firewall.

    Posted Nov 18, 2009 04:07 PM
     If login as a Admin you can enable the Windows Firewall Service via Services.msc