A security bug affecting OpenSSL was announced this week (07-Apr-2014). OpenSSL versions 1.0.1 through 1.0.1f (inclusive) are vulnerable.
Symantec Endpoint Protection Manager (SEPM) utilizes OpenSSL. As a result, some versions of SEPM are affected.
Once you configure the policy from within the Symantec Endpoint Protection Manager, you will need to wait for the policy to propagate to the Symantec Endpoint Protection client installed on the SEPM server(s) prior to testing. To force the SEP client to download the modified policy immediately, right-click the SEP system-tray icon and click Update Policy.
To confirm that the rule applied successfully, simply telnet to port 8445. (Note: This is the default port. If you have configured your SEPM to use a different port for reporting, substitute that port here.). If the rule is configured correctly, the firewall successfully blocks traffic and does not permit a connection to the port. You may then examine the Traffic log of the SEP client on the SEPM server to confirm that SEP blocked the connection. See steps below.
How do I confirm that SEP blocked communication to the reporting port using the Firewall rule I created (above)?
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.