Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Server 2003 inaccessible with Threat Protection Network activate

Created: 22 Jan 2008 • Updated: 27 Oct 2010 | 9 comments
Hi,
 
We have installed Symantec Endpoint Protection 11.0 on a Win2k3 Server.
 
It's woks fine but when option "Protection contre les menaces réseaux" is activated, users can not access on the server. When this option is desactivated, they can access ressources.
 
The problem is when we make a restart of the Server, the option "Protection contre les menaces réseaux" is always activated.
 
Sorry for my bad english...
 
Thanks for your help !

Comments 9 CommentsJump to latest comment

pbogu's picture

adjust firewall policy to allow conections from clients.
check for the policy assigned to the server - if it has threat protection activated the server will aplly this policy after reboot.
i think that the best solution would be creating group only for server(s) and assigning policies different from the worstations' policies (you can copy them from current policy and adjust them, you don't have to creat them from scratch)

Oivin's picture

I would take this a step further: Why do you install a Client Firewall on a server?

In my opinion, the server is there to be accessible to users, the security is taken care of by assigning user rights to directories, shares and files. I can only understand installing a Client Firewall to a server that is running programs like the controller program to the the buildings security systems, or similar. Many companys also have their servers behind a corporate firewall, to control the traffic between clients and servers.

A server also should use its resources to serve users, not fiddle with a "Personal Firewall".  ;)

In my humble opinion: Make a client installation set for servers including Antivirus and Antispyware, NOT email plugins, MAYBE Proactive Threat Protection (does not work on 64bit servers), but NOT Network Threat Protection.


Arniqua's picture
Thanks you for all your responses.
 
Has anyone any experience to uninstall the SEPM Client Firewall on the server ?
 
Thanks
rauneh's picture

I suppose you mean removing the Network Threat Protection from you servers.. ?

If you have all servers in one group in the console, you just create a install (upgrade) package for that group, where you don't include the Network Threat Protection feature. You can only do this if the client communicates with the SEPM server.

Or you can probably go to add remove programs and modify the installation manually.

scarm's picture

Symantec offers a clean wipe utility that will totally remove all files and registry entries for SEP11     only the antivirus option should be installed.

 

Create a package containing only this feature from the console

 

but be warned - SEP 11 has  been causing SMB1 clients (windows xp clients) to not be able to connect to the files shares on the server SEP 11 client has been installed on.

 

So far no word from support on this

TezFair's picture

I installed SBS 2003 Prem over the weekend and installed the trial SEM11 as the licenses hadn't come though in time. By Tuesday the Servers LAN was showing 0 packets received (after a night time windows update/reboot). It wasn't able respond to pings, DHCP + DNS was all down - effectively a dead network.

 

After trying just about everything to get it running, I decided to at least get the company running on the previous nights external backup so started to reconfigure the clients as a simple workgroup, then realised that the endpoints on each machine were killing any access from other PCs. Its as if it locks down when it can't talk to the server.

 

After uninstalling the AV on the local pcs, they were then able to see each other over the network, so this got me thinking..what if its the SEM on the server blocking everything.

 

Uninstalled SEM, restarted and the LAN started to show network activity. Even the 6004 errrors disappeared!!

 

Upshot is that now they have only email security, but the network is working great. As they have licences on order im tempted to install v10. IMHO its a far better product in terms of rolling it out and doesn't have all this network issues. 

 

Terry

 

 

Ted G.'s picture

FYI, we in tech support never recommend installing anything other than AntiVirus and Antispyware on server Os's. You should always create a special install package for your servers and place them in their own groups.

 

 

kamran 2's picture

FYI, we in tech support never recommend installing anything other than AntiVirus and Antispyware on server Os's. You should always create a special install package for your servers and place them in their own groups.