Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

SEP upgrade 11.x to 12.1 RU1 enables windows firewall

Migration User

Migration UserSep 21, 2012 11:46 AM

HI, This is Windows 7 Machine ?
Migration User

Migration UserSep 21, 2012 11:52 AM

Server 2008 64 bit
Migration User

Migration UserSep 21, 2012 11:52 AM

Yes
Migration User

Migration UserSep 21, 2012 12:01 PM

No, NTP policy is withdrawn.
Migration User

Migration UserSep 21, 2012 04:52 PM

Ran setup.exe locally on client
Migration User

Migration UserSep 21, 2012 04:52 PM

SCCM
Migration User

Migration UserSep 21, 2012 04:54 PM

Doesn't apply here
ℬrίαη

ℬrίαηSep 21, 2012 09:45 PM

How many clients did this happen on?
Migration User

Migration UserSep 21, 2012 11:10 PM

No never had NTP installed
Migration User

Migration UserSep 24, 2012 11:29 AM

Yea why does it matter?

  • 1.  SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:34 AM

    11.x client with only AV component installed.

    Upgraded to 12.1 RU1 and the windows firewall became enabled (is turned off by default)

    Why?



  • 2.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Broadcom Employee
    Posted Sep 21, 2012 11:38 AM

    did you upgrade only AV in sep 12.1?

    was NTP component included?



  • 3.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:41 AM

    Yes, only upgraded AV component.

    No, NTP not included. These are high availability boxes so only AV goes on them.



  • 4.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:42 AM

    These are for NTP. I don't use NTP on these boxes and never have.



  • 5.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:42 AM
    What sep feature are you installed in SEP 12.1?
     
    About Windows Firewall and Symantec Endpoint Protection's NTP

     

     
    Check this thread

     



  • 6.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:44 AM

    Hi,

    When You will Install NTP Componet.Windows firewall automatic Disabled



  • 7.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:45 AM

    As I said, I don't and won't ever install NTP on these boxes.



  • 8.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:46 AM

    HI,

    This is Windows 7 Machine ?



  • 9.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Broadcom Employee
    Posted Sep 21, 2012 11:51 AM

    did you check the event viewer for application, was firewall enabled immediately after the SEP upgrade?

     



  • 10.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:52 AM

    Server 2008 64 bit



  • 11.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:52 AM

    Yes



  • 12.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Broadcom Employee
    Posted Sep 21, 2012 11:58 AM

    Is the NTP policy enabled? whats the setting the integration of windows firewall in the firewall policy?



  • 13.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 12:01 PM

    No, NTP policy is withdrawn.

     



  • 14.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 12:30 PM

    Hi,

    When we will be install NTP feature Windows firewall automatic turn off.

    But In your case You can't install NTP feature Windows firewall automatic enable.

    About Windows Firewall and Symantec Endpoint Protection's NTP

    http://www.symantec.com/business/support/index?page=content&id=TECH97986

    So please you can raised Support Ticket.

    http://www.symantec.com/support/assistane_care.jsp



  • 15.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Broadcom Employee
    Posted Sep 21, 2012 12:30 PM

    open a support ticket, is the policy withdrawn after the upgrade.



  • 16.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 01:29 PM

    how did you install SEP? using GPO or using Migration and deployment wizard?

     



  • 17.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Trusted Advisor
    Posted Sep 21, 2012 02:24 PM

    Hello,

    Could you let us know what do you mean when you say,"the windows firewall became enabled (is turned off by default)"?

    Does that mean the windows firewall was disabled via GPO?

    When Install SEP 12.1 with NTP (Firewall) it would disable the Windows Firewall and when you uninstall NTP, the windows firewall gets enabled. However, incase if the Windows Firewall is disabled via GPO then in that case I believe the Windows Firewall would not be enabled.

    If Windows Firewall is not disabled via GPO, i would request you to perform this activity.



  • 18.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Broadcom Employee
    Posted Sep 21, 2012 02:49 PM

    Hi,

    Check following article

    The Windows Firewall is enabled after migrating to SEP 12.1 using the 'Upgrade Clients with Package' feature and deploying the 'Basic Protection for Servers' install package.

    http://www.symantec.com/docs/TECH171051

     



  • 19.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 04:52 PM

    Ran setup.exe locally on client



  • 20.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 04:52 PM

    SCCM



  • 21.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 04:53 PM

    Yes disabled via GPO. So it became enabled when upgrading despite GPO. Althoug GPO should put it back when doing gpudate /force



  • 22.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 04:54 PM

    Doesn't apply here



  • 23.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 09:45 PM

    How many clients did this happen on?



  • 24.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 10:48 PM

    At least 3. Been inconsistent. Happened on these 3, while others were fine.



  • 25.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 10:57 PM

    Hi,

    Are reboot Server after Install SEP client ?

    What happend when you run gpupdate/force ?



  • 26.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Broadcom Employee
    Posted Sep 21, 2012 10:58 PM

    by any chance was NTP installed earlier? thinking of if the firewall drivers could still be present



  • 27.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 21, 2012 11:10 PM

    No never had NTP installed



  • 28.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 22, 2012 12:01 AM

    Hi,

    I think you can set SSCM patch reboot System after installed.

    I am not sure but when we will be install Symantec Antivirus on server network connectivity will be lost some time that time System may be not received any GPO and system reboot after install AV.

    Windows Firewall GPO will be applying on system base. When you will be run gpupdate/force policy will be applied forcefully.

    If i am wrong please update me.



  • 29.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 22, 2012 04:54 PM

    Were you upgrading different versions of 11.x?

    Was the windows firewall service disabled or just stopped?



  • 30.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Trusted Advisor
    Posted Sep 23, 2012 05:09 AM

    Hello,

    Since Windows Firewall is disabled via GPO. GPO should put it back when doing gpudate /force. If this is not happening, that clearly indicates that the GPO policy are not reflecting to the Client machine properly. Could you login as an "Domain administrator" and check the GPO policies. I don't think this is causing due to Symantec.

    Hope that helps!!



  • 31.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 24, 2012 10:11 AM

    Now that I've had more time to troubleshoot, here is scenario:

    Server1 - 2008 OS - FW service enabled - FW profile disabled - SEP 11.0.6300. Once upgrade to SEP 12.1 RU1, FW profile became enabled blocking traffic. Turning off profile fixed issue

    Server2 - 2008 OS - FW service enabled - FW profile disabled. SEP 11.0.6200. Once upgraded to SEP 12.1 RU1, FW profile became enabled blocking traffic. Turning off profile fixed issue.

    Server3 - 2008 OS - FW service enabled - FW profile disabled. SEP 11.0.4000. Once upgraded to SEP 12.1 RU1, no issues occurred.

    So upgrade to 12.1 RU1 enabled fw profiles causing traffic to be blocked on two machines.

    Only AV component installed. Never had NTP on these machines.



  • 32.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 24, 2012 10:26 AM

    Hi,

    Are you using locations for the groups client reporting to?

     



  • 33.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 24, 2012 10:30 AM

    I wil be quite sure that if you try a test install using migration and deployment wizard this issue does not occurs.

     

    check the setad.ini file as per this document. If you are advertisiing your sccm, make sure that you have corrected this setting.

     

    http://www.symantec.com/business/support/index?page=content&id=TECH102668&locale=en_US



  • 34.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 24, 2012 10:37 AM

    Not using SCCM for SEP deployment on servers. Running exe locally on client to upgrade.



  • 35.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall

    Posted Sep 24, 2012 11:29 AM

    Yea why does it matter?



  • 36.  RE: SEP upgrade 11.x to 12.1 RU1 enables windows firewall
    Best Answer

    Posted Sep 24, 2012 11:41 AM

    Perhaps it has to do with upgrading from a newer version of 11.x. Or possibly a bug.

    Did you open a support case?