We have a bunch of machines that are all created from a standardized image, sysprepped, and then applied to many computers using Windows Deployment Services.
Out of a group of about 25 machines, on 2 - 4 of them the SEP 11 firewall will fail to load and the Windows firewall is used instead.
For the most part this isn't a huge problem with the default Windows domain firewall config, but this doesn't have remote management services passthrough enabled, so the machines are hard to centrally manage.
====
,
When everything is working, I see this in the Windows Firewall settings:
,
,
However, for the machines where SEP 11 firewall isn't loading, I see this:
,
,
But the SEP 11 client doesn't say there are any problems:
,
,
And there's nothing in the log files
,
,
,
,
The Windows System and Application logs also show no errors:
,
,
So, I have no idea what the problem is. I don't see a way on the local SEP 11 client to view its firewall configuration.
Apparently it is fully policy based and tells the local user absolutely nothing, but if it is broken then there is also no way to discover locally what is going on.