There sometimes may be situations where it may be desirable to prevent some local application on the client from connecting to a local service using the loopback address. (localhost / 127.0.0.1)

While the Symantec Endpoint Protection Firewall is technically capable of monitoring the loopback traffic, this traffic is allowed automatically and it is not currently possible to override this behavior.
This applies all versions of Symantec Endpoint Protection 14.x.

This is by design, to avoid unforeseen side effects when creating firewall rules.

Depending on the use case, alternatives could involve looking at Application Control rules to limit what the application can do or configure the local service to block specific connections if the functionality exist.