How to block a specific IP using Endpoint Protection Network Threat Protection


Article ID: 177730


Updated On:


Endpoint Protection


You want to block network traffic associated with a specific IP address using the Symantec Endpoint Protection (SEP) Network Threat Protection Firewall component. How can this be accomplished?


Edit the firewall policy associated with the clients to add a corresponding rule as follows:

  • Open the Symantec Endpoint Protection Manager (SEPM), click the Policies tab, and edit the policy you wish to change
  • Add a blank rule
  • Modify the “Host” properties so that the “Source/Destination” IP is the address you wish to block (Local/Remote is less generic, and requires the local address of the client on which the rule should be applied)
  • Change the “Action” to Block
  • Save and deploy the policy as needed.



This will block all incoming and outgoing traffic associated with the specified IP address.