Critical System Protection

Scenario here will be :

Client A (runs Submit.exe) and it will need to FTP to HOST B.

Would like to check how do we allow passive ftp which is activated by an application (exmaple: submit.exe).

It has ports ranging from NNNN to NNNNN. I can't keep on adding ports to the policies as it will grow.

I've even white list the SUBMIT.EXE together with 200 over remote ports already.

Appreciate it some one could shed some light here.

Cheers,

ALEX

Hi,

Thank you for posting your query on Symantec community & would be glad to assist you here.

To keep using FTP passive mode (IIS only support this mode) rather than active mode, allow the application in firewall policy per the following steps:

1. Log in to the Symantec Endpoint Protection Manager (SEPM) > Policies > Firewall > Firewall policy > Edit the dedicated policy > Rules > Add Blank Rule

2. Edit the Application of the new (Blank rule) rule, add the application name "inetinfo.exe" to this rule.

3. Assign the newly edited policy to the appropriate client group.

Refere the following article: Symantec Endpoint Protection (SEP) firewall denies FTP access from client even if FTP service is allowed to access

http://www.symantec.com/docs/TECH165200

An overview of active and passive (PASV) FTP

http://www.symantec.com/docs/TECH80150

Hello alex_ng -

What product is this for? CSP?

Regards,

feeto