0 Replies Latest reply on Nov 7, 2012 4:08 PM by lostpacket

    TCP connection policy dilemma


      I work at a company that uses VirusScan Enterprise, is it possible VS configuration explains the following problem?


      We routinely (daily/weekly) install and run new applications which need to connect to equipment via TCP. In most cases, the target device is attached via dedicated ethernet adapter.


      Security policies (VS?) routinely prevent these applications from making an outgoing TCP connection. It's time-consuming to correct this, requiring IT to get involved with every specific PC running one of these new applications.


      In the past, the problem has been solved by adding the new application to Firewall Exceptions - but I'm not allowed to; "Add " is disabled/greyed.


      Q. Is it hard to apply different policies for different users?  If a user belonged to some group called "TCPAppDevs", could TCPAppDevs have a unique Policy -  perhaps allowing them to edit Firewall Exceptions?


      Q. Can VS be configured to protect specific subnets - say 10.x.x.x - belonging to company LAN?  Why is it necessary to block activity on my 192.168.x.x dedicated/private subnets?


      Hoping to learn of a simple, permanent, solution which will allow me to configure a PC with a new TCP application.


      Any help is appreciated.