When you deploy Symantec Endpoint Protection (SEP) with the Network Threat Protection (NTP) component to a Windows 7 or Windows Server 2008 machine, the Windows firewall status appears to be disabled, and the Windows Firewall control panel displays the following message: "These settings are being managed by vendor application Symantec Endpoint Protection"
Network Threat Protection contains the firewall component.
Enabling Windows firewall
In Windows 7 / Windows Server 2008 and later, Action Center, which has a universal interface for displaying the status of the firewall, anti virus, and other security- and maintenance-related programs, replaces the Security Center.
This is the expected behavior of Symantec Endpoint Protection and computers running Windows 7 or later. The product is working as designed.
An installation of Symantec Endpoint Protection with Network Threat Protection automatically detects and disables Windows Firewall, if enabled. If you install Symantec Endpoint Protection without Network Threat Protection, an active Windows Firewall is not disabled.
To modify the status of the Windows Firewall:
Once the client's policy updates, changes to the Windows Firewall status take effect.
Note: As a best practice recommendation, you should only use one software firewall on a computer. Two software firewalls running on a computer might drain resources and one software firewall might have rules that conflict with the other. Enabling more than one firewall program is likely to result in conflicts and poor performance.