Managing Symantec Antivirus via Symantec System Center
One of the things that bug me about my job in general is having to manually perform tasks over and over. Managing Symantec Antivirus is one of those things that I love to make easier to manage. Unfortunately, the Windows XP firewall causes all sorts of problems when trying to manage Symantec Antivirus clients from the System Center console.
One day while browsing through the group policy objects on one of my development environments, I came across the Windows Firewall Exceptions group policy object. Now you might be saying to yourself, "Hey, what kind of IT guy are you if you didn't know about those settings? They have been there for a while." Well, I knew about them, but never put the two together. Now I have.
How to configure Windows Firewall Exceptions for Symantec Antivirus 10.x client management (using Group Policy)
- Open your preferred group policy editor (ADUC or GPMC)
- Create a new group policy object or modify an existing one.
- Browse to Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile
- Open Windows Firewall: Define Port Exceptions
- Click Enabled
- Click the Show button
- Click Add...
- Enter the following string, replacing <ip of system center> with the IP address of your Symantec System Center Console Server. The entry takes the form port:transport:scope:status:name:
2967:TCP:<ip of system center>:enabled:Symantec Antivirus Client - Managed
- Click Ok. The new entry should now appear in the port exception list.
- Click Ok
- Close your group policy editing software.
- Allow group policy to refresh or force your clients to update their group policy
How to configure Windows Firewall Exceptions for Symantec Antivirus 10.x client management (using command line)
- Open Command Prompt
- Type in the following command:
netsh firewall set portopening protocol=TCP port=2967 name=SymantecAVClient mode=ENABLE
- Type exit
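The command above opens TCP 2967 to any source address, while the Group Policy entry limits it to the System Center server. The following is an added example, not part of the original post, of the same exception with matching scope; 192.0.2.10 is a placeholder for your System Center server's IP address, and the rule name is carried over from the command above.

```bat
@echo off
rem Added example, not from the original post.
rem SSC_IP is a placeholder (documentation address); set it to the IP
rem address of your Symantec System Center Console Server.
set SSC_IP=192.0.2.10

rem Same port exception as above, but reachable only from the System
rem Center server and applied to the domain profile, which is the
rem profile the Group Policy steps configure.
netsh firewall set portopening protocol=TCP port=2967 name=SymantecAVClient mode=ENABLE scope=CUSTOM addresses=%SSC_IP% profile=DOMAIN

rem List the port exceptions with their scope to confirm the entry.
netsh firewall show portopening verbose=ENABLE
```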