Endpoint Protection doesn't manage Windows Firewall settings in Windows 10 Fall Creators Update

book

Article ID: 170369

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) doesn't manage the Windows Firewall settings in Windows 10 Fall Creators Update (version 1709). This situation causes a conflict between Windows and SEP firewall rules and results in unexpected application blocks.

SEP normally manages the Windows Firewall settings when the SEP firewall component is installed, as shown:

SEP 14 RU1 added support for Windows 10 Fall Creators Update. After SEP 14 RU1 is installed together with Windows 10 Fall Creators Update (version 1709), SEP doesn't manage the Windows Firewall settings. This view indicates Windows Firewall is still active, even though SEP firewall is installed:

Cause

The issue is caused due to incorrect access rights to query the Windows Firewall service status.

Environment

SEP 14 RU1

Windows 10 Fall Creators Update (version 1709)

Resolution

A product fix has been released with the SEP 14.0 RU1 MP1 and SEP 12.1 RU6 MP10 versions.

As a workaround, disable the Windows Firewall rules that conflict with SEP firewall. Disabling Windows Firewall entirely is not recommended. Such a step disables DirectAccess protections provided even when SEP fully manages the Windows Firewall. See symantec.com/docs/TECH123729 for more details about the firewall categories which SEP normally manages.

Attachments