I'm trying to properly set up the Symantec Endpoint Protection 12.1 RU1 firewall on an unmanaged client, and I cannot seem to do so.
After setting up my basic rules, I want to create two final rules -- allow all outgoing traffic, then block all traffic. This should allow all outgoing traffic (and, because of the stateful firewall, it should allow all responses to that traffic) while blocking all unsolicited incoming traffic. However, I can't seem to do this with unmanaged client firewall rules.
To set up that first rule, I would create it as: "Allow" action, all hosts, Ethernet protocol (blank/all types), OUTGOING direction only.
The problem is that the SEP firewall does not allow a CLIENT rule to set the protocol direction for the Ethernet protocol; it forces the direction to "Both". SEPM allows you to set the direction, but that doesn't help because this is an UNMANAGED client.
Does anyone know if there's any way to set the direction for the Ethernet protocol in a client rule?
Please do NOT simply state that the default configuration is to allow all traffic. I don't care what the default configuration is. I want to explicitly create the rules so that I can be sure they are set up exactly the way I want (allowing ONLY what I want, and not allowing anything I don't want).