Symantec Bs

[Harald Atta]

I 100% subscribe to what @mavraham wrote you. And I would also like to inform you that we can not recommend or guide on how to uninstall/install the products of other vendors. I would recommend that you contact in this symantec engineers to help on the uninstall of symantec.

Thanks million , the article link you gave from Broadcom website is very useful and looks I can use one of the command given there to uninstall Symantec Endpoint Protection via SCCM . Thanks lot again and appreciate your time in framing the above response to my question .

The updates work when I allow all traffic from DMZ -> WAN, so I know the Symantec software is installed fine. However, when I block internet traffic, allow DNS lookup to pass through as LiveUpdate uses FQDNs and follow the Symantec tech article to allow it through the firewall, it fails every time.

I've done some packet tracing when all traffic is allowed and it looks like LiveUpdate has multiple CNAMEs returned from the DNS. Should these CNAMEs be added to the policy as allowed or should the firewall be able to deal with them?

It's getting to the point where I'm considering setting up LiveUpdate to run once a day and to allow all traffic out to the internet for a 10 min widow while it does. However this is obviously not the preferred solution.

Going by that KB article, creating FQDNs for liveupdate.symantecliveupdate.com and liveupdate.symantec.com and creating a firewall policy allowing "unrestricted" access to those FQDNs should do the trick (assuming the firewall rule is moved up in the firewall chain).

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

c80f0f1006