Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Michel_Leclerc
Explorer

Windows Firewall Rules created by Endpoint Security

Hello,

When Endpoint Security Client is installed two inbound rules are created in Windows Defender firewall with advanced security. These two rules are :

- Check Point Endpoint Security VPN Service

- Check Point Endpoint Security VPN GUI

These rules allow any inboud traffic for TracSrvWrapper.exe and TrGUI.exe for all profiles (Domain, private and public).

On my test machine, I've disabled both rules and VPN still works as expected.

So what these rules are for ?

Kind regards,

Michel

3 Replies
PhoneBoy
Admin
Admin

I assume those rules would be useful if for some reason you chose not to use the firewall included with the Endpoint Security client, which is most likely enforcing its policy instead.

0 Kudos
Michel_Leclerc
Explorer

We have Windows Defender Firewall activated. On the checkpoint client side Firewall is also enabled and policy is set to default if not connected and to to personalized if connected.

Not clear for me how these two firewalls interact.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

sk102711: Tracsrvwrapper is one of the components of the Windows VPN client that is responsible for client side authentication and connection with VPN service. TrGUI is the Check Point Endpoint Security VPN GUI (see sk113492 and Task Manager).

Uses for these rules that come to my mind would be EPS client updates (that could be enforced) and changes made to trac_client_1.ttm on GW (topology is written in the trac.config file, located on the client machine)

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events