Endpoint Protection

 View Only
  • 1.  How to add more than two Location based settings firewall policy to the newly created group ?

    Posted Feb 05, 2013 08:04 PM

    Hi,

    I have created the new Group in my SEPM to contains new workstation as per below screenshot:

    somehow I cannot make it so that it behaves like the existing old group like in the following screenshot:

    Can anyone please assist me in how to do it ?

    Thanks !



  • 2.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Posted Feb 05, 2013 08:05 PM



  • 3.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Posted Feb 05, 2013 08:05 PM



  • 4.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Posted Feb 05, 2013 08:32 PM

    Use location awareness

    Add another location, than you can assign a different policy for the new location. Just click on "Add Location" to add another.

    Best Practices for Symantec Endpoint Protection Location Awareness

    Article:TECH98211  |  Created: 2009-01-20  |  Updated: 2012-06-07  |  Article URL http://www.symantec.com/docs/TECH98211

     

    Enabling location awareness for a client

    Article:HOWTO81170  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81170

     

    Adding a location to a group

    Article:HOWTO81205  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81205

     

    More about Location Awareness in Symantec Endpoint Protection (SEP)

    Article:TECH97369  |  Created: 2009-01-11  |  Updated: 2013-01-21  |  Article URL http://www.symantec.com/docs/TECH97369

     



  • 5.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Broadcom Employee
    Posted Feb 05, 2013 08:57 PM
    refer the above articles. I can see two locations "Unknown" & "Secure INternal Network". The firewall is assigned to this group. Only one policy can be applied to a group location.


  • 6.  RE: How to add more than two Location based settings firewall policy to the newly created group ?
    Best Answer

    Posted Feb 06, 2013 01:09 AM

     

    Hi John,

     

    How to add more than two Location based settings firewall policy to the newly created group ?

    1) First create a new location.

    Clients Tab--> click on policies on right pane--> click on "Add Location" and follow the wizard.

    2) Once the location is added go to Policies tab which is below reports tab on the left side.

    3) When you apply a policy just right click and you will be able to find all the groups and all the locations inside the group. You can select it location wise .

     

    - MASH

     



  • 7.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Posted Feb 06, 2013 01:29 AM

    When you create a new group it will have just one Policy, You need to create a location based policy as Mash said.

    Once its created you can see them on the right hand side.

     



  • 8.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Trusted Advisor
    Posted Feb 06, 2013 02:36 AM

    Hello,

    Is this Thread related to the new Thread created by you ??

    https://www-secure.symantec.com/connect/forums/how-add-more-two-location-based-settings-firewall-policy-newly-created-group

    Looks similar..!!

     

    About working with Firewall Policies

    The Symantec Endpoint Protection Manager includes a default Firewall Policy with firewall rules and firewall settings for the office environment.  The office environment is normally under the protection of corporate firewalls, boundary packet filters, or antivirus servers.  Therefore, it is normally more secure than most home environments, where limited boundary protection is available.

    When the console is installed for the first time, it adds a default Firewall Policy to each group automatically. Every time a new location is added, the console copies a Firewall Policy to the default location automatically.

    If the default protection is not appropriate, it can be customized using the Firewall Policy for each location, such as for a home site or customer site. If the default Firewall Policy is not what is needed, it can be edited or replaced with another shared policy.

    Firewall Policies include the following elements:

    Firewall rules Firewall rules are policy components that control how the firewall protects computers from malicious incoming traffic and applications. The firewall automatically checks all incoming and outgoing packets against these rules, and allows or blocks the packets based on information specified in rules.
    Smart traffic filters Allows the specific types of traffic that are required on most networks such as DHCP, DNS, and WINS traffic.
    Traffic and stealth settings Detects and blocks traffic that comes from certain drivers, protocols, and other sources.
    Peer-to-peer authentication settings Blocks a remote computer from connecting to a client computer until the client computer has authenticated that remote computer.

    A location can be set to client control or mixed control so that the user can customize the Firewall Policy.

    See Configuring Network Threat Protection settings for mixed control.

    Firewall Policies can be edited or created similarly to the way other types of policies can be edited or created.  Firewall Policies can be assigned, withdrawn, replaced, copied, exported, imported, or deleted.

    Typically  a policy can be assigned to multiple groups in the security network.  Create a non-shared, location-specific policy if there are specific requirements for a particular location.

     



  • 9.  RE: How to add more than two Location based settings firewall policy to the newly created group ?

    Posted Feb 06, 2013 07:49 PM

    Many thanks for the assistance people !