Endpoint Protection

 View Only

  • 1.  training unmanaged SEP firewall

    Posted Apr 26, 2010 11:31 AM

    Has anyone listed the steps that a 'computer-savvy' but not expert user can take to train their unmanaged SEP firewall?
    Is it just a matter of checking the 'enable network application monitoring' and 'allow only application traffic (w/prompt before allowing application traffic)?



  • 2.  RE: training unmanaged SEP firewall

    Posted Apr 26, 2010 11:56 AM

    View the Symantec Endpoint Protection 11.0 Network Threat Protection (Firewall) Overview and Best Practices White Paper

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121714495348

    Moving this thread from general forum to Endpoint forum.


  • 3.  RE: training unmanaged SEP firewall

    Posted Apr 26, 2010 01:10 PM
    Well but checking those things you have acheived 80% objective that you can do with Unmanaged Client's Firewall.
    However you can ADD Firewall rule to restrict any Unwanted traffic/Application.


  • 4.  RE: training unmanaged SEP firewall

    Posted Apr 26, 2010 05:00 PM

    1) I've read the Best Practices article cited --- NOT user friendly for 'computer-savvy' user
    2) Most 'computer-savvy' users would not know how to ADD a Firewall rule as presented in SEP
    3) Perhaps ok for 'security-savvy' user, but still not intuitive.

    Is Symantec going to focus on 'user-friendly' like ZoneAlarm?  Y or N

     



  • 5.  RE: training unmanaged SEP firewall

    Posted Apr 26, 2010 05:15 PM
    I am not aware with Zone Alarm but if you select 

    In SEPm- Netowrk threat Protection- Change Settings-Allow only Application Traffic.(prompt before.....) i=you will find something similar.


  • 6.  RE: training unmanaged SEP firewall

    Posted Apr 26, 2010 05:17 PM
    Zone alarm is targeted more to the consumer side then a Enterprise level solution. Make a suggestion for a "user friendly FW" to the Ideas section of the forums.

    https://www-secure.symantec.com/connect/security/ideas


  • 7.  RE: training unmanaged SEP firewall

    Posted Apr 26, 2010 05:22 PM
    You might want to read through the Client Guide that comes with the software, in the Documentation directory.  Specifically, Chapter 6 is all about Network Threat Protection; page 112 (at least for RU6) has a walk-through for creating a firewall rule.

    ETA: I think I understand to what you're referring now--you want the unmanaged client firewall to 'learn' previous actions?  I believe enabling network application monitoring (and prompting action on every applicaiton that runs) will do what you want it to do.  I would still review the documentation, though most of the documentation is geared towards a managed environment.

    sandra