12.0
Table Of Contents
- Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
- Technical Support
- Contents
- 1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
- 2. Planning the installation
- 3. Installing Symantec Protection Center
- 4. Preparing for client installation
- 5. Installing the Symantec Endpoint Protection Small Business Edition client
- 6. Migrating to Symantec Endpoint Protection Small Business Edition
- 7. Starting the Symantec Protection Center console
- 8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
- 9. Managing security policies and computer groups
- 10. Managing content updates from LiveUpdate
- 11. Managing notifications
- 12. Managing product licenses
- 13. Managing protection scans
- About managing protection scans
- How protection scans work
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
- 14. Managing firewall protection
- 15. Managing intrusion prevention protection
- 16. Managing administrator accounts
- 17. Managing disaster recovery
- A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
- B. Managing mobile clients and remote clients
- Index
23), HTTP (port 80), and HTTPS (port 443). The client computers initiate this
outbound traffic; you create a rule that permits the outbound traffic for these
protocols. Stateful inspection automatically permits the return traffic that
responds to the outbound traffic.
Stateful inspection supports all rules that direct TCP traffic.
Stateful inspection does not support the rules that filter ICMP traffic. For ICMP
traffic, you must create the rules that permit the traffic in both directions. For
example, for the clients to use the ping command and receive replies, you must
create a rule that permits ICMP traffic in both directions.
About the firewall security levels
Firewall protection provides three levels of security.
Table 14-3
Firewall security levels
DescriptionSecurity level
The Low security level allows all IP incoming traffic and outgoing traffic.
Low is the default security level.
See “About the default firewall protection” on page 133.
Low
The Medium security level enforces the Low security level. It also blocks
TCP incoming traffic and UDP stateful incoming traffic.
Medium
The High security level blocks all IP incoming traffic and outgoing traffic.High
About the default firewall protection
The default firewall protection settings are defined in the Firewall Policy. By
default, firewall protection is disabled in the policy.
When you enable firewall protection, the Symantec Firewall Policy allows all
inbound and outbound IP-based network traffic, with the following exceptions:
■ The default firewall protection blocks inbound and outbound IPv6 traffic with
all remote systems.
■ The default firewall protection restricts the inbound connections for a few
protocols that are often used in attacks (for example, Windows File Sharing).
Connections from the computers on internal networks are allowed. Connections
from the computers on external networks are blocked.
The internal networks include the following IP ranges:
■ 10.0.0.0/24
133Managing firewall protection
About the default firewall protection