This article explains the behavior of the Symantec Endpoint Protection [SEP] firewall when both ports are set in one rule condition.
If both Local and Remote ports are specified together in a single condition, such as [Local=53; Remote=53], does this act as an AND condition or as an OR condition?
SEP version 14.X
If both Local and Remote ports are specified together in a single condition, such as [Local=53; Remote=53], this acts as an AND condition.
1. Created the rule below in the FW policy -
Application: chrome.exe, Host:<SEPM IP>, Service: Network service with <TCP local port:443, remote port:443>, log: Write to log, Action: ASK
2. Opened Chrome and tried to access the <SEPM IP>:443 URL; the request went through and a Bad request response was received.
3. No traffic log was generated.
4. Changed the rule from step #1 as below -
Application: chrome.exe, Host:<SEPM IP>, Service: Network service with <remote port:443>, log: Write to log, Action: ASK
5. Opened Chrome again and accessed the <SEPM IP>:443 URL. This time the ASK prompt appeared; after selecting the block action, a traffic log entry with the rule name was found in the logs.
This proves that when both the local and remote TCP ports are selected together, an AND operation is explicitly applied.
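The test above can be replayed as a small model. This is an added example, not Symantec code: it checks which port-matching semantics (AND or OR) agrees with the two observed outcomes. The local port 51514 is a constructed value, assuming Chrome connects from an ephemeral local port as outbound client connections normally do; all function and variable names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Conn:
    local_port: int
    remote_port: int


@dataclass(frozen=True)
class PortCondition:
    local: Optional[int] = None   # None = port not specified in the rule
    remote: Optional[int] = None


def matches(cond: PortCondition, conn: Conn, mode: str) -> bool:
    """Evaluate the specified ports against a connection under AND or OR."""
    checks = []
    if cond.local is not None:
        checks.append(cond.local == conn.local_port)
    if cond.remote is not None:
        checks.append(cond.remote == conn.remote_port)
    if not checks:                # no port restriction: any port matches
        return True
    return all(checks) if mode == "AND" else any(checks)


# Constructed connection: Chrome -> <SEPM IP>:443 from an assumed ephemeral port.
CHROME_TO_SEPM = Conn(local_port=51514, remote_port=443)
RULE_STEP1 = PortCondition(local=443, remote=443)   # rule from step 1
RULE_STEP4 = PortCondition(remote=443)              # rule from step 4
# Outcomes from the page: step 1 rule did not fire (no log), step 4 rule fired.
OBSERVED = {"step1": False, "step4": True}


def consistent_modes() -> list:
    """Return the semantics whose predictions equal the observed outcomes."""
    result = []
    for mode in ("AND", "OR"):
        predicted = {
            "step1": matches(RULE_STEP1, CHROME_TO_SEPM, mode),
            "step4": matches(RULE_STEP4, CHROME_TO_SEPM, mode),
        }
        if predicted == OBSERVED:
            result.append(mode)
    return result


if __name__ == "__main__":
    print(consistent_modes())
```

Under OR the step 1 rule would have matched on the remote port alone and produced a log entry, which is not what was observed.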