
How to create a firewall rule on unmanaged Endpoint Protection client


Article ID: 151602


Products

Endpoint Protection

Issue/Introduction

Note: This article is no longer being updated. The following article replaces it. Update your links or bookmarks to:
Adding firewall rules on the client


This article explains how to create a firewall rule on an unmanaged Symantec Endpoint Protection (SEP) client with Network Threat Protection installed.

Resolution

Current Endpoint Protection unmanaged clients have 23 default built-in rules. To change an existing rule or add a new rule, follow these instructions.

  1. To open the client interface, double-click the Symantec shield icon on the taskbar, or access the client interface from the Start Menu: Start > All Programs > Symantec Endpoint Protection.
  2. Click Options next to Network Threat Protection (version 12.1) or Network and Host Exploit Mitigation (version 14).
  3. Select Configure Firewall Rules...
  4. To add your own customized rule, click the Add... button. Unlike managed clients, there is no rule creation wizard. Instead, a popup appears and allows you to configure a blank rule.
  5. To edit or delete an existing rule, highlight the rule and click the corresponding Edit... or Delete button.
  6. Additionally, you can highlight a rule and use the Up or Down arrow buttons to move it up or down in the list. Rules are processed in list order, from the top down.
  7. To temporarily disable a rule, uncheck the check box next to the rule.

There are five tabs in the New Rule menu.

  • General
  • Hosts
  • Ports and Protocols
  • Applications
  • Scheduling

On the General tab:

  1. In the Add Firewall Rule window, type the Rule Name in the box provided.
  2. Select the appropriate Action radio button: Block this traffic or Allow this traffic.
  3. In the Firewall settings box, use the drop-down to select which network adapters this rule applies to. The default selection is All network adapters.
  4. Use the drop-down to choose the screen saver state in which the rule applies. The default selection is Either On or Off.
  5. If you want to Record this traffic in the Packet Log, check the checkbox. (Use caution when enabling the option to write to the Packet Log because of the potentially large amount of data logged.)

On the Hosts tab:

  1. Choose the appropriate radio button for the Remote Host. The default selection is All hosts.

On the Ports and Protocols tab:

  1. Use the drop-down to select the Protocol to which the rule applies. The default selection is All IP Protocols.
  2. Use the drop-down to select the Traffic direction to which the rule applies. The default selection is Both.

On the Applications tab:

  1. If you want the rule to apply to specific applications, click Browse... to use a file browser to add applications and populate the applications list.
  2. Check the check box next to each application you want the rule to apply to.

On the Scheduling tab:

  1. If you want the rule to apply only on a specific schedule, check the box Enable Scheduling.
  2. Use the radio buttons to choose between During the time period below and Excluding the time period below.
  3. Next, fill in the appropriate schedule in the Beginning At box using the drop-downs for Month, Day, Hour, Minutes.
  4. Last, fill in the appropriate fields in the Duration box for Days, Hours, Minutes.

In the yellow Rule Summary: box, review the written rule statement for accuracy and adjust the rule as needed. Then click OK in all remaining open windows to save the changes.