Best Practices for using Windows Firewall with Symantec Endpoint Protection

book

Article ID: 157075

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You want to know how to use Windows Firewall along with Symantec Endpoint Protection (SEP).

Resolution

As a best practice recommendation, you should only use one software firewall on a computer. Two software firewalls running on a computer might drain resources and the both software firewalls might have rules those might conflict with each other. Enabling more than one firewall program is likely to result in conflicts and poor performance.

To prevent the above situation Symantec Endpoint Protection (SEP) installer automatically detects and disables Windows Firewall if enabled. An exception to this would be that if Symantec Endpoint Protection is installed without Network Threat Protection (NTP), an active Windows Firewall is not disabled.

If you are required to use the Windows Firewall, use the following document to adjust the Windows Firewall status: Using (Enabling) Windows Firewall with Symantec Endpoint Protection Network Threat Protection installed 

You can also uninstall the Network Threat Protection (NTP) feature from SEP, although Symantec recommends keeping all protection technologies installed and enabled. Network Threat Protection includes the firewall and Intrusion Prevention.

You can use AutoUpdate to remove Network Threat Protection, or modify the client installation to remove Network Threat Protection directly from the client computer. For more information see: How to change the installed feature set on Endpoint Protection 12.1.x clients.