Blocking pcAnywhere with Symantec Endpoint Protection

This article describes methods for blocking the use of Symantec pcAnywhere by using the Symantec Endpoint Protection Firewall and Application and Device Control.

The policies attached to this article work with any release of Symantec Endpoint Protection 11 or any release of Symantec Endpoint Protection 12.1. The policies are designed to detect any version of pcAnywhere and were tested with pcAnywhere 11.0, 12.0, 12.1 and 12.5.

The policies in this article provide two methods of blocking pcAnywhere: blocking inbound traffic to pcAnywhere with the Endpoint Protection firewall, and blocking the pcAnywhere application with Application and Device Control.

To block inbound traffic to pcAnywhere with the Endpoint Protection firewall

1. Download the file Firewall policy - Block pcAnywhere v2.dat to the computer that runs Symantec Endpoint Protection Manager.

2. In Symantec Endpoint Protection Manager, click Policies > View Policies > Firewall Policy.

3. Under Tasks, click Import a Firewall Policy.

4. Browse to the file that you downloaded, and then click Import.

5. Do one of the following:

   • Assign the policy to the required groups.

   • Copy the pcAnywhere rule into an existing firewall policy, and move it to the top of the ruleset.

To block the pcAnywhere application with Application and Device Control

1. Download the file Application Control policy - Block pcAnywhere.dat to the computer that runs Symantec Endpoint Protection Manager.

2. In Symantec Endpoint Protection Manager, click Policies > View Policies > Application and Device Control Policy.

3. Under Tasks, click Import an Application and Device Control Policy.

4. Browse to the file that you downloaded, and then click Import.

5. Do one of the following:

   • Assign the policy to the required groups.

   • Copy the pcAnywhere rule into an existing Application and Device Control policy.

Applies To