HP Device Manager 4.6 - HP t5740 Windows XPe Support Guide
Modifying firewall rules in Symantec Endpoint Protection (SEP)
There is no command line to set individual advanced rules in SEP, so the required ports need to be added manually on the
thin client using the SEP Agent user interface. However, there are command line options to import and export the rules,
which make deployment possible. After the rules are added, they can be exported into a file which can then be deployed to
other thin clients.
The ports can either be added to existing rules or in a new rule. The following example modifies the existing HPDM rules to
add the needed ports.
Configuring the rules
1. Log on to the thin client as the Administrator.
2. Click Start > All Programs > Symantec Endpoint Protection for Windows XP Embedded > Symantec Endpoint
Protection for Windows XP Embedded.
3. In the main dialog of the SEP 5.1 Agent, click on the Tools menu and select Advanced Rules.
4. Click OK in the priority warning dialog.
5. Locate and select the existing rule titled Allow HPDM Agent – TCP. Click Edit
6. In the Advanced Rule Settings dialog, select the Ports and Protocols tab.
7. Edit the remote ports to add ports 139, 40004, 40009, and 49152–65535 as shown in the following figure. Configure
the passive port range to match the range you configured on the IIS ftp server.
Figure 3. Advanced Rule Settings
Note:
In order to use the Reverse Shadow and Resource Monitor functions of HPDM, additional changes to the Allow HPDM
Agent – TCP rule are required on the Applications tab. For more information, see VNC Shadowing
.
8. Click OK to save the changes.
9. Select the existing rule titled Allow HPDM Agent – Local TCP. Click Edit
10. In the Advanced Rule Settings dialog, select the Ports and Protocols tab.
6