Hi ,
I am using SEPManager version 12.1.1101.401. Recently decided of blocking P2P applications in my office network and I have used the below steps to do so:
3. Blocking Peer to Peer Traffic using Symantec Endpoint Protection Firewall.
You can block the P2P traffic using Symantec Endpoint Firewall in this case even if the user has any P2P applications installed those applications won't be allowed to connect to the internet. Since it is very difficult to track the port number for the application as they can be easily changed by the user. So you can block the Inbound/Outbound traffic from the P2P processes.
In the Symantec Endpoint Protection Manager go to Policies -Firewall -Edit Firewall Policy - Rules- Add Rule -Click Next
In the Rule type select Application and click next
Select Define an Application and Click Next
In the File Name type the name of the process and click Next
Click Add More and add the name of other P2P application processes.
Click Finish.
Rename the rule to something like "Blocking P2P" so that you can identify.
Under Action change Allow to Block.
Under Logging Change it to "Write to Traffic Log".
I also checked "Send Email alert" in logging. And i have successfully blocked all the P2P applications. But i am not getting any email regarding the blocked application.
Should i create a notification separately for this rule?? My requirement is i should be getting an email from symantec when ever it blocks the specified application.
Note: I have already configured mail server and i am getting mails like client change update, risks etc.,
Please help me to configure a mail alert that sends mails every time it blocks the listed P2P applications.
Thanks in advance,
Anoop Jeevan.