Symantec Endpoint Protection Manager 12.1 is reporting clients as having Firewall Status as Disabled when withdrawing the firewall policy from their group.