Endpoint Protection

     Anyone else out there really trying to make this firewall work inside of a corporate network?  I have most of everything working, with the exception of WMI. WMI works off of DCOM which can connect to just about any port above 1024 and expects it to be open.  Since the firewall is in the way and opening all of the ports would negate the use of the firewall I appear to be left with only one choice.  Set all my workstations and servers to have a static range of DCOM ports.  This seems to me to be a little much.  Since the firewall is attached to the workstation, is there any reason why there isn't a checkbox to have the firewall software understand this is how Microsoft products work.  I would have been happy with a checkbox saying "Allow WMI" or "Allow DCOM".  My question is how is everyone else getting this to work?  Are they following this article: http://msdn.microsoft.com/en-us/library/ms809327.aspx  or am I missing something?

Wow, you have the same question that I want to know the answer to.

https://www-secure.symantec.com/connect/forums/allow-wmiwbemtest-thru-firewall

Let me know if you find something!

Anybody have any input on this issue?

*BUMP*

We can't be the ONLY two people that need to connect to machines remotely using WMI?

(Subject from the voice over guy...)

I have implemented that change in the article above to our workstations knowing that I can roll it back easy, but I am a little more hesitant to do it to our servers.  Unfortunately we have some tools that need to access the WMI on our servers as well, so until I get brave or someone else with some more experience answers this question, those tools are broken with the firewall on.  I saw your post, and wanted to respond there, but it was a few days old, and I wanted to get a response.  Apparently no one reads the forum either?