Solved

Firewall blocks liove update for Symantec endpoint protection client

Posted on 2010-11-09
15
1,872 Views
Last Modified: 2013-11-16
Hi Experts

I have a Watchguard 550e that don't allow SEP Live updates to go throught.
HTTP Proxy is activated, how can I create a roule to allow Live update throught the firewall?

I have been able to do a update when I dissable the HTTP Proxy roules but thats not an option to do every day to get new updates.

Regards

Gerth
0
Comment
Question by:Gerth
  • 5
  • 5
  • 3
  • +1
15 Comments
 
LVL 7

Expert Comment

by:willbaclimon
Comment Utility
I believe it use's these ports

TCP:

139
445
2967
80
8014
8005
8443
9090
8443
1433
Ephemeral
UDP:

137
138

Here's some more info

http://internetforce.org/iforce/index.php?/topic/2-troubleshooting-liveupdate-issues-with-symantec-endpoint-protection/
0
 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
You can create an exception in HTTP proxy service to be able to get updates; please look at link below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1219/kw/HTTP%20proxy%20exception

Please note the link talks about windows update; but the process would be similar.

Please implement and update.

Thank you.
0
 

Author Comment

by:Gerth
Comment Utility
Hi All

I have been able to find a solution to this problem.
It seems like adding the HTTP rule "Application/zip" to "Allow only safe content types" in the firewall will do.

Is this a safe approach to this issue?

dpk wal: thanks for the advice, but this is a simpler firewall , WatchGuard 550e, thats not handled through WSM, it only have an webinterface for configuration and I can't find anything reassembling the pictures in the article in the configuration interface.
conf-change.jpg
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 125 total points
Comment Utility
With 550e you have option to use web interface or management software; the link was based on management software. If you have 55e instead then yes with version lower than 11.x you only have option of web UI.

In the above screen; if you go to HTTP Settings tab; can you check if you have HTTP proxy exceptions.

If no, then what you did is the correct solution; only backdrop is this action would allow these content types for all HTTP traffic; so you can create another HTTP proxy service and then allow above content types only for Symantix updates as below:
Outgoing; Enabled and allowed; from trusted; to all-comma-separated-public-ip-of-semantic-site

Thank you.
0
 
LVL 6

Assisted Solution

by:Jon Snyderman
Jon Snyderman earned 125 total points
Comment Utility
As dpk_wal indicated, the proxy exceptions would be the right way to go on this.  The URLs that need to be listed are:
liveupdate.symantecliveupdate.com
liveupdate.symantec.com
update.symantec.com

This assumes that we can trust Symantec.  I think thats a pretty safe bet.

~Jon
0
 

Author Comment

by:Gerth
Comment Utility
Hi

Confession - i have misslead you the firewall is a Watchguard x55e and not a x550e as i wrote earlier.
The firewall version is 10.1
Is it possible to make HTTP exeptions on that model ?

Very sorry for the typo on the model.

//Gerth
0
 
LVL 6

Expert Comment

by:Jon Snyderman
Comment Utility
I was wondering about your "no WSM" comment.  That explains it.  No issue.   Yes, version 10 on the older edge does support the proxy exceptions and that would still be the best way to resolve the problem in my opinion.

~Jon
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:Gerth
Comment Utility
Hi jsnyderman

Thanks for the advice, i found the "HTTP Proxy" exeption in the web interface now an have added the URL:s given by you.

The exeptions was on another "tab" in the user interface and "off screen" so when I clicked around and scrolled each window to the bottom did I find it, had not seen it before.
Have asked my user on the remote site to verify the solution.

I will come back with the results.

//Gerth
0
 

Author Comment

by:Gerth
Comment Utility
Hi all

User have verified that this solution works.
Thanks for promt and helpfull explanations.

//Gerth
0
 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
Comment accepted as answer has reference to an earlier comment of mine; so my comment should have been awarded some points. A point split would be appropriate IMO.

I have raised a question for moderators to have a look.

Thank you.
0
 
LVL 6

Expert Comment

by:Jon Snyderman
Comment Utility
Note that I agree with dpk_wal.  His original recommendation was accurate.  I just added more specifics and direction to the response.  Please feel free to split points.

~Jon
0
 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
Thank you, Jon!
0
 

Author Comment

by:Gerth
Comment Utility
Hi all and especially dpk_wal

I appoligize for missing to split the points, I'm quite new to EE and have not really learned the roules in here. Looking at your statement and reading throught the original post gives that the solution was there too.

I was just so greateful that the problem was solved so i didn't reflect over all post in this thread.

Will be more accurate in awarding points in the future - the help, and speed, from the community users is awsome and credit to the one(s) that deserve it.

//Gerth
0
 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
Hi Gerth,

Not a problem; welcome to EE! :) ;)
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in theā€¦
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video discusses moving either the default database or any database to a new volume.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now