Endpoint Protection

Hi All,

I have logged the case with Symantec for above issue (plz refer attached snap), where they mentioned that this is obvious behaviour i.e either Symantec firewall or Windows firewall will be active at a time.
Do we have any possibility to enable access to both these firewalls.

Thanks & Regards,
Prasann
IT Security Engineer
CCNA,ITIL(2011)

basically no two firewall should run on same machine. You enable only one firewall and confiure the rules

http://www.symantec.com/business/support/index?page=content&id=TECH187656

 After migrating to SEP 12.1 Windows Action Center reports "Turn on Symantec Endpoint Protection" even though SEP is ON

http://www.symantec.com/business/support/index?page=content&id=TECH165431

Edit####

Check this Mithun Comments It is always recommended to have only 1 software firewall on the Machine.

Mithun Sanghavi Symantec Employee

Hello,

What version of SEP 12.1 are you running?

Check these Articles:

Windows 7 Firewall indicate that "These Settings are being managed by vendor application Symantec Endpoint Protection", even when Symantec Endpoint Protection (SEP) 11.0 Network Threat Protection (NTP) is not installed.

https://www-secure.symantec.com/connect/articles/windows-7-firewall-indicate-these-settings-are-being-managed-vendor-application-symantec-en

Advanced Settings for Windows 7 Firewall indicate that it is on, even when Symantec Endpoint Protection (SEP) Network Threat Protection (NTP) is installed.

http://www.symantec.com/docs/TECH123729

The behavior of Windows 7 in regards to 3rd party firewalls (such as SEP) differs slightly than previous versions of Windows. In Windows 7, Microsoft changed Security Center to Action Center. In Action Center, a more universal interface was created for protection technology (Firewall, Antivirus, etc). Windows Firewall is indeed turned off when SEP NTP is enabled, indicated by the Installed Firewall list, as well as the General Firewall status section indicating that firewall rules are being managed by SEP. To verify the true Windows Firewall status: Open Action Center -> Expand "Security". Find line item "Network Firewall On". Below is a link "View installed firewall programs": Symantec Endpoint Protection is listed as installed and On, Windows firewall is listed as installed and Off."

Hope this clarifies this for you.

HI,

have you received your answer ?

Hi

Basically no two firewall should run on same machine.

Regards

Does SEP v12.1 automatically turn offthe Windows firewall once it is installed with NTP component ?

I'm not sure with the normal deployment without the NTP (Firewall component), would SEP still also allows WIndows firewall ?

there is setting to disable windows firewall, this needs to be checked before exporting the client package.

To prevent this situation, SEP's installer automatically detects and disables Windows firewalls that are enabled. (The exception is, of course, if a custom install package is created which does not include NTP. If this Symantec firewall is not included in the install, an active Windows Firewall will not be disabled during install.)
 

Many thanks for the clarification Pete !

Greetings,

Many thanks to All for post valuable things out here.

Finally we have solution to above case, where it is possible to keep both firewall "ON" with minor change in setting on SEPM12.1 RU1 Manager.

Resolution/Workaround/Information provided:-

Changed the Windows Integration settings from Symantec Firewall Policy to Restore if disabled.

Thanks & Regards,
Prasann
ICICI BANK,Technical leader
CCNA, ITIL (2011)

wow I just knew it that it is possible.

Thanks for sharing.