I installed SEPM 11.0.6 on the same server (ws2003r2 std) where is the Isa Server 2004.
I would like to know, which protocol(s) and port(s) I have to integrate/open into firewall policy on ISA, to establish communication between SEPM and SEP client ?
thanks
Hi,
Please have a look on:
Considerations when using antivirus software on ISA Server http://technet.microsoft.com/en-us/business/support/library/cc707727.aspx
ISA server: http://www.isaserver.org/tutorials/Allowing_Norton_AntiVirus_software_LiveUpdate_through_ISA_Server.htmlhttp://www.isaserver.org/tutorials/How_to_allow_Symantec_Liveupdate_access_through_ISA.html
The following document contains our default ports. Our traffic will need to be allowed through these ports in order for clients to connect to the SEPM server. You may need to adjust these if you have utilized any custom ports during installation.
Which Communication Ports does Symantec Endpoint Protection 11.0 use? http://www.symantec.com/business/support/index?page=content&id=TECH102416&locale=en_US
Hello almirk,
I just want to share my thinks with you. Isa server should be very busy about your internet requests, and id you publish your OWA via Isa and if share VPN with ISA. Therefore your network should be fast. Because ISA is already comminicate users which want to surf on internet, and sep manager will comminicate clients too. this is only idea came from experiance :)
Best Regards.
Fatih
open IIS, expand symantec webserver, check the port, if its 8014, thats the one u need to allow for communication; thats it
Maybe if you only want to allow SEP to SEPM traffic.
You seem to of forgotten all of the other SEP ports
443 - for optional secured https
1433 - for sql datase comms
1812 - for snac enforcer
9090 and 8443 - for remote admin console
You will need to open only 8014 for a normal SEPM-SEP client communication.
A typical ISA configuration will be:
Internal - Local Netowrk through port 8014
You just need to open port 8014...that's it!
thanks to all of you, I resolved my problem...
We're glad to have helped.
The behavior-based TruScan Proactive Threat Scan feature is not supported on servers, therefore it is recommended that this feature should not be selected for this specific client installation package.
The Antivirus Email Protection features are aimed at providing additional protection to client-side email applications such as Microsoft Outlook and Lotus Notes, therefore if you won‟ run these directly on the Small Business Server, these features should not be selected.
If you are currently running the ISA 2004 firewall on the Microsoft Small Business Server, you should ensure the Network Threat Protection feature is not be selected.
On the servers OS's I installed only antivirus&antispyware component, that's recommended i think.