Unmanaged SEP client - app firewall rule not working
I've spent quite a while trying to work this out but can't seem to crack it. I'm sure it's not that hard, just can't find the answer.
I have SEP V12.1.671.4971 self managed on a windows 7 x64 machine. I've tried to configure a firewall rule through Network Threat Protection and I can't get it to work. The rule works with the following settings (no applications added):
General tab - block this traffic, all network adapters, either on or off, record in packet log
Hosts - all hosts
ports and protocols - all protocols, both directions
applications - no apps listed
---the above blocks all traffic.
However when I add an application
applications tab - c:\...path\chrome.exe
the rule no longer works. Ie it lets traffic through as it should but does not block chrome.exe.
Does anyone know why this might be?
Thanks in anticipation.
Is it that the OS is 64 bit? It does not make sense that the app rule would not work because of that but I did see something referring to that somewhere..
The other note I saw was in the SEP 11 known issues doc where it talked about the filter not working with the full path of the exe, rather just the exe name had to be used. However I think this is to do with the selection filter in the client manager. And in any case "just the name" cannot be added in the client firewall configuration form, it only takes the full path because the file is selected not typed in.