Red X in Windows Security Center with 14.2+ firewall disabled by policy
search cancel

Red X in Windows Security Center with 14.2+ firewall disabled by policy


Article ID: 176041


Updated On:


Endpoint Protection


After upgrade to Endpoint protection client version 14.2 RU1 or newer, when you have the SEP firewall component installed but disabled by policy various versions of Windows 10 Security Center will display a red x for "Firewall & network protection"

There have been multiple issues encountered and not every instance is identical.  Depending on version of Windows 10 the Windows Security Center may display or present the error with minor differences in the UI.


Green Check


  • SEP client with Firewall component installed and disabled by policy from manager
  • Client versions 14.2 RU1 and newer
  • Various versions of Windows 10


After the SEP Firewall is disabled by policy, the client does not set the Windows Security Center Firewall (WSC) status to "WSC_SECURITY_PRODUCT_STATE_OFF" as a result the Windows Security Center reports a red x.  The client sets the WSC status to an unexpected value:  "WSC_SECURITY_PRODUCT_STATE_SNOOZED".



This issue is fixed in Symantec Endpoint Protection 14.2 RU2. For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec software here. 

To work around this issue:

  1. Create an allow all rule at the top of the rule set.
  2. Enble the SEP FW by policy
  3. Update the client to get latest policy