<div>
As per advuce from past.<br />
<br />

<blockquote>
You can disable this feature in your SEPM firewall policy until you get it figured out and if it's causing major network issues. Go into your firewall policy on the Protection and Stealth tab and uncheck &quot;Automatically block an attacker's IP address&quot;<br />
<br />
Only those servers will block the SEPM server, nothing else should be blocked. 
</blockquote>
</div>


As per advuce from past.



> You can disable this feature in your SEPM firewall policy until you get it figured out and if it's causing major network issues. Go into your firewall policy on the Protection and Stealth tab and uncheck "Automatically block an attacker's IP address"
> 
> Only those servers will block the SEPM server, nothing else should be blocked.

<div>
You need to create an exclusion. Here are directions:<br />
<br />
Open SEP<br />
<br />
Next to Network Threat Protection click on Options<br />
<br />
Select Configure Firewall Rules<br />
<br />
Select Add<br />
<br />
Give it a name such as &quot;Allow Printer&quot; and set the Action to Allow this traffic<br />
<br />
Click on the Hosts tab and select the IP Address field<br />
<br />
Enter in the printer IP address here<br />
<br />
You can leave the other tabs alone<br />
<br />
Click OK<br />
<br />
Move the new firewall rule to the top and click OK<br />
<br />
Try to print again
</div>


You need to create an exclusion. Here are directions:

Open SEP

Next to Network Threat Protection click on Options

Select Configure Firewall Rules

Select Add

Give it a name such as "Allow Printer" and set the Action to Allow this traffic

Click on the Hosts tab and select the IP Address field

Enter in the printer IP address here

You can leave the other tabs alone

Click OK

Move the new firewall rule to the top and click OK

Try to print again

<div>
<div class="content wysiwyg-content">
I find that a HPscan program is blocked by Symantec Endpoint 14. &nbsp;The IP (x.x.x.x) of the HP multifunction printer is logged in Security Log - Client Managment Logs <br />
<br />
&quot;The lcient will block traffic from IP x.x.x.x for next 600s. Port scan attack is logged.<br />
<br />
Any idea how to release this in Symantec Endpoint 14 ?<br />
<br />
Thx
</div>
</div>


I find that a HPscan program is blocked by Symantec Endpoint 14.  The IP (x.x.x.x) of the HP multifunction printer is logged in Security Log - Client Managment Logs 

"The lcient will block traffic from IP x.x.x.x for next 600s. Port scan attack is logged.

Any idea how to release this in Symantec Endpoint 14 ?

Thx

Port Scan attack in Symantec EndPoint Protection

symantec endpoint

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.