How to block a specific IP using Network Threat Protection component
search cancel

How to block a specific IP using Network Threat Protection component

book

Article ID: 177730

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You want to block network traffic associated with a specific IP address using the Network Threat Protection Firewall component of Symantec Endpoint Protection (SEP).

Resolution

Edit the firewall policy associated with the clients to add a corresponding rule as follows:

  • Open the Symantec Endpoint Protection Manager (SEPM), click the Policies tab, and edit the Firewall Policy you wish to change
  • Click on  "Rules" under the "Windows Settings"
  • Click on "Add Blank Rule"
  • Double-click or right-click>Edit the “Host” field, add a specific IP address so the “Source/Destination” IP is the address you wish to block, (Local/Remote is less generic, and requires the local address of the client on which the rule should be applied)

  • Double-click or right-click>Edit the “Action” field and change it from "Allow" to "Block"

  • Save and deploy the Firewall Policy as needed.

 

This will block all incoming and outgoing traffic associated with the specified IP address.

Note: You can also click on Add Rule and accordingly follow the procedure to make a Rule.

Creating a firewall policy

Powered by Wolken Software