Can the Symantec Endpoint Protection Firewall be used to block loopback traffic?

Article ID: 228874


Products

Endpoint Protection

Issue/Introduction

In some situations it may be desirable to prevent a local application on the client from connecting to a local service over the loopback address (localhost / 127.0.0.1).

Resolution

While the Symantec Endpoint Protection Firewall is technically capable of monitoring loopback traffic, this traffic is allowed automatically and it is not currently possible to override this behavior.
This applies to all versions of Symantec Endpoint Protection 14.x.

This is by design, to avoid unforeseen side effects when creating firewall rules.

Depending on the use case, alternatives could involve using Application Control rules to limit what the application can do, or configuring the local service to block specific connections if that functionality exists.