Endpoint Protection Small Business Edition

 View Only
  • 1.  Where to find the firewall rule allowing RDP traffic which passes (SEP 12.1 Small Business Edition FW Policy)

    Posted Apr 16, 2012 10:07 AM

    Why SEP 12.1 Small Business Edition does not block the RDP traffic, despite the fact that the firewall policy inbound traffic is closed, and there is no allow rule for the RDP?

     
    Windows Server 2008 R2 SP1
    SEP 12.1 Small Business Edition


  • 2.  RE: Where to find the firewall rule allowing RDP traffic which passes (SEP 12.1 Small Business Edition FW Policy)

    Posted Apr 17, 2012 11:03 AM

    HI,

     

    What is security level for all network traffic in firewall policy. (You will find this from Firewall Policy --> Firewall Rules --> Select "Customize the default settings.") Check what option is selected below all the firewall rules.

     



  • 3.  RE: Where to find the firewall rule allowing RDP traffic which passes (SEP 12.1 Small Business Edition FW Policy)

    Posted Apr 17, 2012 12:49 PM

    Hi,

    Security level is set to Medium (Inbound traffic is blocked while outbound traffic is allowed). I tried to set a high level of security, - RDP traffic is still passed.



  • 4.  RE: Where to find the firewall rule allowing RDP traffic which passes (SEP 12.1 Small Business Edition FW Policy)
    Best Answer

    Posted Apr 17, 2012 01:28 PM

    Hi,

    "Allow All application" rule may be the rule which is allowing the RDP traffic.

    Create a rule --> Block connection for traffic which has a destination of port 3389. 

    Move this rule to the top and check if we still face the same issue.

     

    Let me know if you face any issues while creating the firewall rule.

     

     

     



  • 5.  RE: Where to find the firewall rule allowing RDP traffic which passes (SEP 12.1 Small Business Edition FW Policy)

    Posted Apr 17, 2012 05:09 PM

    Thank you for the correct response. Indeed "Allow All application" rule is allowing the RDP traffic.