Allow Symantec Anti-Virus through Windows Firewall via Group Policy

By | January 31, 2006
When using Symantec System Center, you are sometimes unable to retreive information from your remote clients. This is because something is stopping communications between the AntiVirus Server and the Client workstation. If you are running Active Directory, you can easily configure a Group Policy to allow these types of communications.
NOTE: This article assumes you know how to apply group policies.
Symantec uses port number 2967 to communicate to AntiVirus clients. If you are running a firewall on the machine, you will not be able to communicate with the Antivirus server

Open up Group Policy Management Console and navigate to
Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile

Open up “Windows Firewall: Define port exceptions”
Enable this rule

Select “Show” then select “Add”

Type in
2967:TCP:localsubnet:enabled:Symantec TCP
and
2967:UDP:localsubnet:enabled:Symantec UDP

Hit OK all the way out and apply it to the OU the computers are in.
Refresh group policy on the local computer by restarting it.

Now you should be able to view logs and information from the AntiVirus clients via Symantec Security Center.

NOTE: The same process can be used to allow other custom ports in the firewall as well.
This information is provided “AS IS” with no warranty expressed or implied.

Leave a Reply

Your email address will not be published. Required fields are marked *