When you create a new Firewall policy, the policy includes several default rules. You can modify one or multiple rule components as needed.
The components of a firewall rule are as follows:
The action parameters specify what actions the firewall takes when it successfully matches a rule. If the rule matches and is selected in response to a received packet, the firewall performs all actions. The firewall either allows or blocks the packet and logs or does not log the packet. If the firewall allows traffic, it lets the traffic that the rule specifies access the network. If the firewall blocks traffic, it blocks the traffic that the rule specifies so that it does not access the network.
The actions are as follows:
When the firewall evaluates the rule, all the triggers must be true for a positive match to occur. If any one trigger is not true in relation to the current packet, the firewall cannot apply the rule. You can combine the trigger definitions to form more complex rules, such as to identify a particular protocol in relation to a specific destination address.
The triggers are as follows:
Rule conditions consist of the rule schedule and screen saver state.
The conditional parameters do not describe an aspect of a network connection. Instead, the conditional parameters determine the active state of a rule. You may define a schedule or identify a screen saver state that dictates when a rule is considered to be active or inactive. The conditional parameters are optional and if not defined, not significant. The firewall does not evaluate inactive rules.
The Log settings let you specify whether the server creates a log entry or sends an email message when a traffic event matches the criteria that are set for this rule.
The Severity setting lets you specify the severity level of the rule violation.
To customize firewall rules
In the console, open a Firewall policy.
On the Firewall Policy page, under Windows Settings or Mac Settings, click Rules.
For versions earlier than 14.2, there is no option for Mac Settings.
On the Rules tab, in the Rules list, in the Enabled field, ensure that the box is checked to enable the rule; uncheck the box to disable the rule.
Symantec Endpoint Protection only processes the rules that you enable. All rules are enabled by default.
Double-click the Name field and type a unique name for the firewall rule.
Right-click the Action field and select the action that you want Symantec Endpoint Protection to take if the rule is triggered.
In the Application field, define an application.
In the Host field, specify a host trigger.
In addition to specifying a host trigger, you can also specify the traffic that is allowed to access your local subnet.
In the Service field, specify a network service trigger.
In the Log field, specify when you want Symantec Endpoint Protection to send an email message to you when this firewall rule is violated.
Right-click the Severity field and select the severity level for the rule violation.
In the Adapter column, specify an adapter trigger for the rule.
In the Time column, specify the time periods in which this rule is active.
Right-click the Screen Saver field and specify the state that the client computer's screen saver must be in for the rule to be active.
The Created At field is not editable. If the policy is shared, the term Shared appears. If the policy is not shared, the field shows the name of the group to which that the non-shared policy is assigned.
Right-click the Description field, click Edit, type an optional description for the rule, and then click OK.
If you are done with the configuration of the rule, click OK.
14.2 RU1, 14.2 MP1, 14.2, 14.0.1 MP2, 14.0.1 MP1, 14.0.1, 14.0.0 MP2, 14 MP1, 14, 12.1 RU6 MP8, 12.1 RU6 MP7, 12.1 RU6 MP6, 12.1 RU6 MP5, 12.1 RU6 MP4, 12.1 RU6 MP3, 12.1 RU6 MP2, 12.1 RU6 MP1, 12.1 RU6, 12.1 RU5, 12.1 RU4, 12.1 RU3, 12.1 RU2
This will clear the history and restart the chat.