Endpoint Protection

Hello all

How can I block opening any page related to Teamviwer using Symantec firewall?

*.teamviewer.com from any app (IE, Edge, Chrome, etc)

I have already tried creating a special rule but it is not working

Thanks

blocking DNS queries for *.teamviewer.com may help.

Hello,

Would have to see your rule but you can block traffic from teamveiwer.exe and teamviewer_service.exe

Those are the two that need to be blocked. It goes by exe name so it doesn't matter if hash changes or not (don't use the hash).

You could also try blocking peer to peer connection with below steps.

1. Login to the Symantec Endpoint Protection Manager (SEPM)
2. Click Policies
3. Click Intrusion Prevention
4. Right-click your IPS policy and click Edit
5. Click Exceptions underneath Windows Settings
6. Click Add...
7. Click Signature Name two times to sort the IPS signatures in ascending order
8. Select all signatures which start with: Audit: P2P
9. Click Next
10. Set Action to Block
11. Set Log to Log the traffic
12. Click OK
13. Click OK

You should check this article for more details: How to block Peer to Peer Applications (P2P) using Symantec Endpoint Protection 12.1

http://www.symantec.com/docs/TECH122597

Hope that helps!!

Hello Mithhun

If i block the signatures which start with: Audit: P2P..... is it posible that I am blocking other applications at the same time apart of Teamviewer?

I was in contact with Symatec support. According to them, it is possible to block www.teamviewer.com using the firewall module but it is not working for us

thanks 

Hello bdediego,

I agree with With Audit:P2P, other applications along with TeamViewer would be affected.

Did you try blocking traffic from both teamveiwer.exe and teamviewer_service.exe??

Check this Thread: 

https://www.symantec.com/connect/forums/blocking-team-viewer-vpn

Hope this may help you!!