I have attached the Firewall and Application Control policy Policy to Block Peer to Peer Applications as per this article
.https://www-secure.symantec.com/connect/articles/what-do-p2p-applications-do-and-how-block-peer-peer-applications-p2p-using-symantec-endpoin
Import the Policy from your Symantec Endpoint Protection Manager and Assign it to the groups you want.
Note:Default Template has been taken for both the Policies only addition is the new Firewall rule was added for P2P applications and Block Application from running have been modified for blocking P2P applications.
and the client has the IPS component enabled and latest policy?
Hi Brian , In IPS policy in exceptions for whole P2P catogery I have set it to block.
Now on client when I start running utorrent client I see the notifcations that SEP IPS is detecting and blocking P2P traffic but on the utorrent client it is succesfullly downloading without having any interuption or dropping the connection.
Without knowing or seeing your setup I'm working blind here.
SEPM IPS policy has a default IPS rule to detect Tor that you need to set to block?
ID 22862 and ID 27315
Did you apply the firewall rule attached in this thread?
Hi Brian , thanks for your reply but for some reasons it is not working for me. The download still keeps on going in parallel with the IPS rules triggering.
That's probably because it just switched to a different tracker. But yes this still works.
Does this also works for 12.1.6 ? I tried using IPS to block P2P traffic but there wasnt any effect utorrent was still able to download though on the client I was getting the notifications that P2P traffic has been detected and SEP is blocking it , but there wasnt any effect on the downloading.
yes. Tried to import application and device control policy when i got the mentioned error.
Works fine for me on 12.1.5.
You unzipped and tried to import the .dat file?
Hi,
Came across this thread. I understand this is quite an old thread. I tried to import the policy but it presented an error:
Failed to import policy. Error: Invalid import file.
Failed to import policy.
Error: Invalid import file.
i am using SEPM 12.1. Any suggestions ?
Hi Vikram sir,
valuable applications, can you provide some information while implementing the SEPM and SEP on endpoints. how it can be configured to perform best other than virus defination updates which is must.
Regards
Kishorilal
Useful Stuff
So I run into an issue where users rename the offending exe's after they download them (those that can function with a single exe). Wouldn't it be better for the App policy to block the file and folder access attempts to the named files rather than to do a process block? Or would you need both to prevent it from launching and from changing the file?
Thanks a lot for such a valuable information.