GUP on Windows Server 2008 / 2012 with Windows Firewall enabled fails to update SEP clients
Last Updated March 03, 2017
When using Symantec Endpoint Protection (SEP) 12.1.5 or newer acting as a Group Update Provider (GUP) on Windows Server 2008 / 2012 with the Windows Firewall enabled, it fails to update the SEP clients.
The Windows Firewall on the GUP blocks ccSvcHst.exe from communicating with the SEP clients attempting to get updates. When SEP 12.1.5 or newer is installed to Windows Server 2008 / 2012 as a GUP, SEP auto-creates Windows Firewall rules for SMC.exe, but does not for ccSvcHst.exe.
To workaround the issue create two Inbound Rules in the Windows Firewall
1. Open Windows Firewall and click Advanced Settings. 2. Click Inbound Rules. 3. Click New Rule… 4. Select Custom, click Next. 5. Select This program path: and click Browse. 6. Browse and select ccSvcHst.exe, example path: (C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.6608.6300.105\Bin) Note: Path may vary depending on where SEP was installed. 7. Click Open and click Next. 8. For Protocol type, click drop-down arrow and click TCP, click Next. 9. Click Next again (skipping local and remote IP addresses) 10. Select Allow the connection, click Next. 11. When does this rule apply? Specify the appropriate profiles for which rules are applied: Domain, Private, Public, click Next. 12. Name the rule, something like: ccSvcHst Service, click Finish. 13. Repeat the above steps 1-12 to create a second rule, when you get to step 8, click UDP instead of TCP.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe