Endpoint Protection doesn't manage Windows Firewall settings in Windows 10 Fall Creators Update
Last Updated March 07, 2019
Symantec Endpoint Protection (SEP) doesn't manage the Windows Firewall settings in Windows 10 Fall Creators Update (version 1709). This situation causes a conflict between Windows and SEP firewall rules and results in unexpected application blocks.
SEP normally manages the Windows Firewall settings when the SEP firewall component is installed, as shown:
SEP 14 RU1 added support for Windows 10 Fall Creators Update. After SEP 14 RU1 is installed together with Windows 10 Fall Creators Update (version 1709), SEP doesn't manage the Windows Firewall settings. This view indicates Windows Firewall is still active, even though SEP firewall is installed:
SEP 14 RU1
Windows 10 Fall Creators Update (version 1709)
The issue is caused due to incorrect access rights to query the Windows Firewall service status.
A product fix has been released with the SEP 14.0 RU1 MP1 and SEP 12.1 RU6 MP10 versions.
As a workaround, disable the Windows Firewall rules that conflict with SEP firewall. Disabling Windows Firewall entirely is not recommended. Such a step disables DirectAccess protections provided even when SEP fully manages the Windows Firewall. See symantec.com/docs/TECH123729 for more details about the firewall categories which SEP normally manages.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe