Symantec endpoint protection windows firewall

Best Practice It is best practice that only one software firewall should be run on a computer. Two firewalls that run on one computer at the same time can drain resources, and the firewalls might have rules that conflict with each other.

Enabling more than one firewall program is likely to result in conflicts and poor performance. To prevent this situation, SEP's installer automatically detects and disables Windows firewalls that are enabled. The exception is, of course, if a custom install package is created which does not include NTP.

If this Symantec firewall is not included in the install, an active Windows Firewall will not be disabled during install. One circumstance in which customers may wish to implement such a solution is if Windows Firewall is being used for firewall protection and the IPS Intrusion Prevention System components of SEP are desired. In these cases, NTP's Firewall policy must be completely withdrawn so that it is in pass-through mode.

To withdraw the firewall policy:. References Best practices regarding Intrusion Prevention System technology. Edit the Firewall policy and create a new Non-shared policy. Click Windows Integration. Disable Once Only default : Disables the Windows firewall at startup the first time Symantec Endpoint Protection detects that the Windows firewall is enabled. On subsequent startups, Symantec Endpoint Protection does not disable the Windows firewall.

Disable Always : Disables the Windows firewall at every startup and enables the Windows firewall if the Symantec firewall is uninstalled. Restore If Disabled : Enables the Windows firewall at startup. The Windows Firewall control panel displays the message "These settings are being managed by vendor application Symantec Endpoint Protection".

However, the options available in this policy still function as expected. Click OK. Once the client's policy updates, changes to the Windows Firewall status take effect.