How to block RDP with firewall rule
search cancel

How to block RDP with firewall rule

book

Article ID: 156116

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) clients need to be block RDP access.

Environment

Windows

Resolution

To block RDP using firewall policy, you can either edit the existing or copy of the firewall policy or create one, and follow the below process.
 
Open the Firewall Policy in the Symantec Endpoint Protection Manger (SEPM), under Windows Settings, click on Rules.
  1. Click Add Blank Rule.
  2. Double click Name field and set a proper name.
  3. Double click Action field and set to Block.
  4. Double click Service field. This will open the Service list.
  5. Click Add button. This will open the Protocol window.
  6. Set Protocol to TCP.
  7. Select Remote/Local.
  8. Set Local Port field to 3389.
  9. Leave Remote Port field blank.
  10. Set Direction to Both, Click OK
  11. Click OK on Service List screen.
  12. Modify other fields in the rule as needed.
  13. Move the new rule to the appropriate place in the rule list, save the changes.

Note: Test the created policy before applying it to the production environment.