Allow Symantec AV communications if the SAV client is installed on your ISA 2004 Server
[LEFT][CODE]http://www.isaserver.bm/isa_articles/sav.html[/CODE]
We need to create a few protocols for this.
[LIST=1]
[*]Intel PDS – 2967 TCP Outbound, 2967 UDP Send
[*]Symantec Control – 1549 TCP Outbound
[*]Symantec Logs – 2404 UDP Send Receive
[*]Symantec Msgsys – 38037 UDP Send Receive, 38293 UDP Send Receive
[*]Symantec Quarantine – whichever port you specify within the Quarantine console
[*]Symantec Register – 3 UDP Receive Send
[*]Symantec Register TCP – 3 TCP Outbound
[/LIST]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image002.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image004.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image006.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image008.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image010.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image012.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image014.jpg[/IMG]
[B]Creating the access rule.[/B]
Create an Access Rule that allows these protocols from Internal and localhost to Internal and localhost.
To tighten it up a bit more, and I normally do this, create a computer object for the ISA Server and the Symantec Server and restrict the traffic between them.
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image016.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image018.jpg[/IMG]
[IMG]http://www.isaserver.bm/isa_articles/SAV_files/image020.jpg[/IMG]
Your SAV install can now be updated and monitored by the Symantec Server.
[B][COLOR=red]If you use the SAV Console from another machine, remember to add that machine's computer object to the rule.[/COLOR][/B]
[/LEFT]
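To see what the tightening step changes, the following added example (not part of the original article, and not ISA Server's own rule engine) models the access rule as a protocol match plus source/destination membership and compares the broad rule with the computer-object rule. All IP addresses and sample flows are constructed assumptions; UDP/TCP direction handling is deliberately left out of the model.

```python
from ipaddress import ip_address, ip_network

# (transport, port) pairs from the article's protocol list. Symantec
# Quarantine is left out because its port is chosen per site.
SAV_PROTOCOLS = {
    ("tcp", 2967), ("udp", 2967),    # Intel PDS
    ("tcp", 1549),                   # Symantec Control
    ("udp", 2404),                   # Symantec Logs
    ("udp", 38037), ("udp", 38293),  # Symantec Msgsys
    ("udp", 3), ("tcp", 3),          # Symantec Register / Register TCP
}

# Constructed addresses (assumptions, not from the article).
INTERNAL = ip_network("192.168.1.0/24")
ISA_SERVER = ip_network("192.168.1.1/32")    # Local Host
SAV_SERVER = ip_network("192.168.1.10/32")
CONSOLE_PC = ip_network("192.168.1.50/32")   # machine running the SAV Console

def make_rule(*members):
    """The article's rule shape: the same set is both source and destination."""
    return {"from": list(members), "to": list(members)}

def allowed(rule, src, dst, transport, port):
    """Simplified match: protocol definition plus source/destination membership."""
    src, dst = ip_address(src), ip_address(dst)
    return ((transport, port) in SAV_PROTOCOLS
            and any(src in net for net in rule["from"])
            and any(dst in net for net in rule["to"]))

BROAD = make_rule(INTERNAL, ISA_SERVER)          # Internal + localhost
TIGHT = make_rule(ISA_SERVER, SAV_SERVER)        # computer objects only
TIGHT_CONSOLE = make_rule(ISA_SERVER, SAV_SERVER, CONSOLE_PC)

FLOWS = [  # constructed sample traffic
    ("192.168.1.10", "192.168.1.1", "tcp", 2967),   # Symantec Server -> ISA
    ("192.168.1.1", "192.168.1.10", "udp", 38293),  # ISA -> Symantec Server
    ("192.168.1.50", "192.168.1.1", "tcp", 2967),   # console machine -> ISA
    ("192.168.1.77", "192.168.1.1", "tcp", 2967),   # other workstation -> ISA
    ("192.168.1.10", "192.168.1.1", "tcp", 3389),   # not a SAV protocol
]

def decisions(rule, flows=FLOWS):
    """Return one allow/deny boolean per flow, in order."""
    return [allowed(rule, *flow) for flow in flows]

if __name__ == "__main__":
    for name, rule in (("broad", BROAD), ("tight", TIGHT), ("tight+console", TIGHT_CONSOLE)):
        print(f"{name:14}", decisions(rule))
```

The broad rule lets any Internal workstation reach the ISA Server on the SAV ports; the computer-object rule limits that to the Symantec Server, and the console machine is blocked until its object is added.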