1

I'm running Symantec Endpoint Protection 11 and I'm hoping to be able to toggle a simple firewall rule with a script. If I can do it from the command line that would be preferred.

Tyler Szabo
  • 178
  • 8

2 Answers2

1

It's unclear to me what Symantec Endpoint Protection has to do w/ your question, so please let me know if I'm missing something.

In terms of manipulating the Windows 7 Advanced Firewall from the command line I believe the netsh advfirewall command is what you're looking for. Read up on the syntax at Microsoft's site and play around with it a bit and I think you'll find it fairly intuitive.

If you're looking at making changes to firewall rules on clients in an Active Directory domain environment you'd have a better time of it using Group Policy instead of a command-line script.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
  • SEP provides its own firewall facility separate to the Win7 Firewall from what I can tell. Attempting to manage the Firewall using the Win7 GUI shows "These settings are being managed by vendor application Symantec Endpoint Protection". From dumping with netsh it looks like my configuration is not accessible there (though I'm not familiar with the netsh firewall configuration). – Tyler Szabo May 25 '11 at 01:16
  • Hmm... I can't help you there. We moved all our Customers off of Symantec's antivirus products back when they released SEP and I haven't kept up with it. Perhaps this is a silly question, but why not use the GUI management functionality on the SEP server? – Evan Anderson May 25 '11 at 01:24
  • I still have folks that won't move off. I cannot understand the devotion. – Jim B May 25 '11 at 01:37
  • I use SEP since it's what my school supports on student computers. I find the GUI to be cumbersome and I'd rather just fire and forget with a script. – Tyler Szabo May 26 '11 at 03:36
1

Scripting SEP is painful and full of things that can go wrong that can cause you to have to rebuild the system. I haven't tried to script it since the windows firewall in vista+ became so much better (making no reason to use the SEP firewall especially since it doesn't start with the network). You have to use the SMC command to do anything command line. Docs for it live here. There is a vbscript sample to automate it here

Jim B
  • 23,938
  • 4
  • 35
  • 58
  • Thanks! These are the docs I'm looking for. Although I think I'm going to take the inferred advice of migrate off of SEP (at least for the firewall in my case). Edit: Whoops, these are not the docs I'm looking for. Is there anything less than a "load this entire separate configuration" hammer? – Tyler Szabo May 26 '11 at 03:38