Symantec Endpoint Protection Manager 12.1 is reporting clients as having Firewall Status as Disabled when withdrawing the firewall policy from their group.

TECH204587
Last Updated October 25, 2018

 Symantec Endpoint Protection Manager (SEPM) is reporting on the Home Page under Endpoint Status clients as Disabled when the SEPM administrator has withdrawn the firewall policy. Clicking on Endpoint Status to see more details the client is reporting the firewall status as disabled.

The Endpoint Status on the Home Page will list the affected clients as disabled and clicking on details will show Firewall Status as Disabled for affected clients.

 This occurs the first time you disable or withdraw the firewall policy from a client group and the firewall component on the client has never been disabled previously.

This issue is fixed in Symantec Endpoint Protection 12.1.6.4 - RU6-MP4. For information on how to obtain the latest build of Symantec Endpoint Protection, read:

TECH 103088: Download the latest version of Symantec Endpoint Protection

 

​ To work around the issue in the meantime the SEPM administrator can re-enable the firewall policy temporarily and send a command to the clients to disable / enable Network Threat Protection. Next time the policy is disabled, the clients will correctly show firewall status as "Disabled by policy" and SEPM will not report any problems.

 

 

Imported Document ID: TECH204587

Thanks for your feedback. Let us know if you have additional comments below. (requires login)

    © 1995-2019 Symantec Corporation