You can enable the various settings that enable Symantec Endpoint Protection to detect and log potential attacks on the client and block spoofing attempts. All of these options are disabled by default.
The settings that you can enable are as follows:
To configure these settings in mixed control, you must also enable these settings in the Client User Interface Mixed Control Settings dialog box.
To detect potential attacks and spoofing attempts
In the console, open a Firewall policy.
In the Firewall Policy page, click Protection and Stealth.
Under Protection Settings, check any of the options that you want to enable.
If you are prompted, assign the policy to a location.
See Editing a policy.