Symantec Endpoint Protection (SEP) clients need to be block RDP access.

1. Click Add Blank Rule.
2. Double click Name field and change name appropriately.
3. Double click Action field and set to Block.
4. Double click Service field. This will open the Service list.
5. Click Add button. This will open the Protocol screen.
6. Set Protocol to TCP.
7. Select Remote/Local.
8. Set Local Port field to 3389.
9. Leave Remote Port field blank.
10. Set Direction to Both.
11.  Click OK.
12. Click OK on Service List screen.
13. Modify other fields in the rule as needed.
14. Move the new rule to the appropriate place in the rule list.