Default Symantec Endpoint Protection 12.1 RU1 Firewall Rules explanation

What’s new in SEP 12.1?

Ø  New Default FW rules (Allow Web Service, LLMNR, SSDP on private networks)

Ø  FW rule for TCP/UDP is now effective for both ipv4 and ipv6 traffic. All FW rule columns are applied for both ipv4 and ipv6 traffic. Ex: port, application, action, time, etc.

Ø  Limited IPv6 support. i.e.

–           The FW rule does not allow user to specify ipv6 address.

–           Use ‘All hosts’ for the ‘Hosts’ column

–           This means all ipv4 and ipv6 addresses

–           Traffic, Packet, Security Logs can display ipv4/ipv6 addresses.

–           No support yet for IPv6 tunneling (ISATAP, Teredo, etc).

Ø  Ability to disable FW policy on Client UI

Ø  Option to disable Windows Firewall

Ø  Decoupling FW and IPS component

Ø  FW rule support “Local Subnet”

Default Symantec Endpoint Protection 12.1 RU1 Firewall Rules explanation

Default Symantec policy explain

 

Advertisements

Posted on February 5, 2014, in Uncategorized. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: