Video Screencast Help

symantec End Point protection (12.1) installation & existing port configuration

Created: 21 Mar 2013 • Updated: 21 Mar 2013 | 5 comments

On server 2008 r2 - Symantec End Point protection (12.1) When installing End Point protection on a server that already has multiple open ports (such as RDP, FTP...) - will End Point recognise which ports are open & leave them open or will it close them all by default? Thanks

Operating Systems:

Comments 5 CommentsJump to latest comment

.Brian's picture

SEPM does not use these ports and will not conflict with them. Check here for port usage:

Which Communications Ports does Symantec Endpoint Protection use?

Article:TECH163787  |  Created: 2011-07-01  |  Updated: 2012-03-30  |  Article URL http://www.symantec.com/docs/TECH163787

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SMLatCST's picture

Are you talking about the Management server or the client?

As you're asking about opening and closing ports, I assume you're asking about the client.  In which case, if you install and enable the firewall component, the SEP policy will be applied and any ports not allowed by the policy's rules will be blocked.  The SEP Client firewall does not search for ports and add automatic allow rules for them, I'm afraid.

So you'll either have to create firewall rules to allow any ports not already covered int he firewall policy, or omit the firewall component entirely from the SEP Client install package.

Mithun Sanghavi's picture

Hello,

Are these multiple open ports (such as RDP, FTP...) configured via your Personal or Windows Firewall Policies?

When you install a Managed Symantec Endpoint Protection with Network Threat Protection (Firewall) takes its policies from the Symantec Endpoint Protection Manager Console.

In your case, I would recommend you to understand what are the default Firewall Policies which are applied to the machine.

Here are the Articles which would explain, more on the default Firewall rules in SEP 12.1

About firewall rules

http://www.symantec.com/docs/HOWTO55261

Default Symantec Endpoint Protection 12.1 RU1 Firewall Policy explanation

http://www.symantec.com/docs/TECH180569

Secondly, you can configure the Network Threat Protection (Firewall) as per your requirement.

NOTE: It is recommended to install only 1 firewall on the machine.

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

benappl's picture

Thanks for all the information. An ex-colleague had installed End Point on various servers on various VLAN's & I am trying to gain an understanding of how he has done it before I attempt it (as you can imagine, there will be a number of different ports open).

I believe it must be the 'client' as I can only see the basic interface (not the interface to deploy on further machines etc). We are going to be installing on VMs & replacing the Windows firewall, so this firewal componenet is necesarry. I guess the only way around this will be to find all open ports & manually configure on End Point.

I will take a look into your recomendations - I am also looking for a complete guide.

Many thanks

 

SMLatCST's picture

This article should get you on your way.  It discusses SEP Firewall rule management and includes multiple links to further reading:

http://www.symantec.com/docs/HOWTO80975