Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Symantec Endpoint Protection and Connectify

Created: 09 Apr 2012 • Updated: 03 Jul 2012 | 12 comments
This issue has been solved. See solution.

I've been using Symantec Endpoint Protection for about 2 years now on my personal laptop. I got Endpoint Protection from AKO.mil for free because I use my laptop to access DOD networks. The problem is that while I am home, and not on any secure networks, I want to share my internet connection through my laptop to other devices in my home that cannot connect to my router wirelessly. To do so, I use a program called Connectify. I've used the program in the past, but since I have installed Symantec Endpoint Protection on this laptop I am unable to connect to Connectify from my other devices. I know it is Symantec that is not allowing the connection because if I disable all Symentec services I am then able to connect. I would like to know how I am able to allow Connectify all necessary network access but still have complete protection from Symantec while using my laptop otherwise. I realize there may not be anyone able to help me through this forum, but after unsuccessfully trying to contact Symantec via phone I think my options may be limited to this forum. Thanks in advance.

Comments 12 CommentsJump to latest comment

Mithun Sanghavi's picture

Hello,

If I am not mistaken the SEP client installed on your Laptop is SEP version 12.1 and is self managed client, correct?

In your case, we would like to know what in SEP is detecting the "Connectify", is that PTP / NTP feature?

Could you open the SEP GUI > Click on View Logs, check logs for AV/AS, PTP, NTP and please let us know what is detecting the application / network of the same.

Accordingly, you can make the necessary changes.

Incase, the application is detected, we could create an Application  Exception / Sonar Exception OR Change the Network Threat Protection Settings (if possible).

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Swapnil khare's picture

Hi ,

Please try following and this requires a reboot .

  1. Go to Add remove programs
  2. Select Symantec Endpoint ie Highlight if this is win7 then click on Change above if Xp then Change button on right hand site .
  3. Once you click on Change select next and Modify .
  4. Follow wizard with Custom install and Disable NTP and Features which it will ask you to disable
  5. Follow the wizard click finish it might run Live update
  6. Once complete reboot the machine and check

Why disable NTP , if i am not wrong your wireless Device or Connectify needs some ports to be Open which are blocked as NTP is a Firewall . However by doing this machine might become Vulnerable to Malicious activies but PTP feature will give you the prompt and block the Risk if any .

You can try this as a Test to check and then contact support to Open Ports from Sep client .

Follow article below  however you need to know the ports which are used by your Connectify to distribute wireless signal .

you can get the ports and then there wont be any need to disable NTP

http://www.symantec.com/business/support/index?page=content&id=TECH102586

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Lawti2007's picture

Thank you guys for the quick replies... I will go ahead and try sulutions now and report back what I find.

Lawti2007's picture

Yes, Mithun my SEP is 12.1. I checked the log and they report as follows;

AVAS, No mention of Connectify.

PTP, No mention of Connectify.

NTP, Block ouutgoing UPD Connectifyd Rule: Block Upnp Discovery from external computers.

Lawti2007's picture

Swapnil you are onto something. NTP is causing the issue here.

There is one thing I feel I should menion at this point not knowing if it will make a difference. I plan on using my laptop for other divices connect by ethernet cable. My device is older and does not come with a wifi addapter, so the ports I need open will be for ethernet, if that makes a difference.

Also, I have added a new rule to the firewall, allowing Connectify.exe, Connectiyd.exe and ConnectifyNetService.exe full access to the network as the Connectify website had instructed. These rules show up in the NTP log. However it still doesn't allow me to connect my device via Ethernet.

Mithun Sanghavi's picture

Hello,

Check this Article from Connectify - 

http://support.connectify.me/forums/20181761-firewalls-antivirus-issues

As per, http://support.connectify.me/entries/20313068-firewall-security-settings it states the AV/AS and Firewall requires certain Exceptions and you may need to Whitelist this application.

Suggestions:

1) Whitelist the Application. Check this Article:

Software developer would like to add his/her software to the Symantec White-List.

http://www.symantec.com/docs/TECH132220

2) Till that time, create the Exception:

C:\Program Files\Connectify\Connectify.exe
C:\Program Files\Connectify\Connectifyd.exe
C:\Program Files\Connectify\ConnectifyNetServices.exe

3) Create the necessary changes, to the NTP as per requirements by adding the Rules required by 

Open SEP-GUI
Network Threat Potection -Options- Change Settings - Intrusion Prevention -( Uncheck ) Enable Port scan detection .

or

1.   Open Symantec Endpoint Protection 
2.   On the main page, across from Network Thread Protection, click on the Options button and choose Configure Firewall Rules
3.   Click the Add button
4.   On the General tab fill out the following information (for example) - 
o   Rule name = Allow ETHERNET [type=0x88E1]
o   Action = Allow this traffic
o   Apply this rule to the following network adapter = All network adapters
o   Apply this rule while the screen saver is = Either On or Off
o   Record this traffic in the Packet Log = Checked
5.   On the Ports and Protocols tab fill out the following information (Example)
o   Protocol = Ethernet
o   Ethernet type = 0x88E1
    i.      You will need to actually type this value in as it will not be found in the drop-down list
o   Click OK all the way out of the firewall rules

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Lawti2007's picture

Thank you again for the help. Unfortunatly after trying these sulutions I am still unable to connect. I added Connectify.exe, Connectifyd.exe, and ConnectifyNetServes.exe to the firewall and allowed them access to all ports then added the rule you asked me to and still no connection.

I was seeing that there was a "Block_All" rule blocking traffic that had no applications listed on the NTP log. I thought maybe some of the traffic that Connectify was using was getting blocked by thi "Block_All" rule but couln't find it in the firewall rule list. Out of couriousity I unchecked every rule except the Connectify application rule and Ethernet rule we just created and still no connection.

Swapnil khare's picture

Have you tried clearing or reconfiguring connetify as a an application for wireless .

I would suggest you to try it once with Sep installed ,i am not trained on Connectify but i have worked on similar situation with Linksys Easy connect software .

Try it might work or best option would be to contact Support .

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

sibghatullah88's picture

Thank you so much Swapnil, you solved my problem and just to thanks to you I register my ID.

thank you again......smiley

Swapnil khare's picture

@sibghatullah88 Nice to hear your issue is fixed :-)

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

mcalr3's picture

@sibghatullah88 @Swapnil

Can you provide the steps you took to add the wireless as a rule?  I have tried everything I can think of for this issue and I am still having the problem. Thanks

Swapnil khare's picture

Hi Mcalr3

I guess Sibghatullah tried clearing wireless connections fron Ncpa.cpl , possible he reinstalled Connectify he should be able to confim it .

however to clear wireless connections you can go to ncpa.cpl

right click your wireless connection properties

select your Wireless and it should show you multiple connections if any clear them out

Note SEP should be installed .

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.