Indiana University
University Information Technology Services
  
What are archived documents?
Login>>
Login

Login is for authorized groups (e.g., UITS, OVPIT, and TCC) that need access to specialized Knowledge Base documents. Otherwise, simply use the Knowledge Base without logging in.

Close

At IU, after installing Windows XP SP2, how do I configure the Windows Firewall to allow Symantec AntiVirus to be controlled through the Symantec System Center?

Note: The following information is intended for registered local support providers (LSPs) at Indiana University. If you are an LSP and have questions regarding the information in this document, contact LSP Services at  lsps@iu.edu ; otherwise, contact your campus Support Center.

Windows XP Service Pack 2 (SP2) enables the Windows Firewall by default, which only allows communication that originates from the local computer. At Indiana University, as a result, you cannot control Symantec/Norton AntiVirus (SAV/NAV) through the Symantec System Center. The IT Security Office (UISO) recommends that you leave the Windows Firewall enabled and create an exception in it that allows control of SAV/NAV from the Symantec System Center.

To create an exception for Symantec System Center:

  1. From the Start Menu, select Settings, and then Control Panel. Double-click Network Connections.

    Note: If this doesn't match what you see, refer to About navigation settings in Windows.

  2. You will need to run the Windows Firewall applet as a local administrator. To do so, press and hold the Shift key while right-clicking Windows Firewall. Select Run As... , and in the resulting dialog box, select The following user radio button, and then supply the username and password of an account with local administrator privileges. (For more, see In Windows, how can I run an administrator task from a non-admin account?)

  3. In the Windows Firewall dialog box, on the General tab, make sure the On (recommended) radio button is selected and the Don't allow exceptions checkbox is not selected.

  4. From the Exceptions tab, click Add Port... .

  5. In the Edit a Port dialog box, for "Name:", enter Symantec System Center , and for "Port number:", enter 2967 . Then, for versions of Symantec AntiVirus up to version 9, select the UDP radio button. For versions 10 and later, select the TCP radio button.

  6. Click Change Scope, and in the resulting dialog box, select the Custom List radio button, and provide the IP address of your SAV server. If you have more than one console, you can enter a list of IP addresses or subnet/netmask entries separated by commas.

  7. To close all dialog boxes, click OK three times.
This is document aowt in domain all.
Last modified on May 13, 2009.

Comments/Questions/Corrections

Use this form to offer suggestions, corrections, and additions to the Knowledge Base. We welcome your input!

If you are affiliated with Indiana University and would like assistance with a specific computing problem, please use the Ask a Consultant form, or contact your campus Support Center.

Contact Information

Note: We will reply to your comment at this address. If your message concerns a problem receiving email, please enter an alternate email address.