hi all
thanks all support. After I doing more and more testing , i prevent 2 situation:
1/ disable or unistall NTP : this step can make you take back control Windows FW if number of SEP client is small and NO Windows FW policy is applied on client
2/ Change client user control inteface setting : server control or mix .(see picture) After do it i was taken back windows FW And i choice this step and i think this is the best way . Why i choice this ? becasuse :
a. I had more than 7000 SEP client ( server + client ) so I cant unstall NTP for each SEP client even if i deploy a new package for all. IT is impossible.
b. I had some windows FW policy is applied for server ( ~200 server ) and client ( ~7000 PC) , and i dont want SEP FW overwrite
c. for all client i had used SNAC Host integrity ( safe enforce ) so i still need SEP FW for client
Summary : I need Windows FW + SEP FW live together. Nobody disable another.
I think this is SEPM 12.1 RU4 issuse , because before i upgrade SEPM everything still good .