Endpoint Protection

 View Only

  • 1.  Block incoming connections with SEP Firewall

    Posted Jan 30, 2018 05:38 PM

    I've been tasked with evaluating the SEP firewall to replace the Windows Firewall configuration in our environment.   I'm attempting to create a firewall rule that will be used when computers are off site.   The rule simply needs to block all inbound traffic from other hosts,  while allowing any outbound traffic from the computer (essentially mirroring the default Windows firewall behavior).   

    I don't see any indication SEP has configuration options based on inbound/outbound traffic direction,  so what would be the best way to achieve this?

     

    Below is the windows firewall settings that i need to replicate:

     



  • 2.  RE: Block incoming connections with SEP Firewall

    Posted Jan 30, 2018 05:53 PM

    It most definitely can block incoming traffic. An article I wrote with a similar scenario:

    https://www.symantec.com/connect/articles/controlling-network-traffic-special-purpose-machine-using-sep-firewall

    Create an allow rule to allow outbound and move it to the top. Create another rule to deny inbound and move it under the allow rule.