A firewall is a program or hardware device that filters information that can affect your computer. It will block inbound communications that were not requested by the client and have not been explicitly allowed. A firewall does not prevent the Symantec AntiVirus Corporate Edition (SAVCE) client from receiving virus definitions updates, but it can limit some types of communication.

Kenyon's SAVCE clients will check in with their parent server periodically to check for configuration changes and virus definitions updates. A firewall does not block this communication.

In Symantec AntiVirus Corporate Edition, a parent server proactively pushes virus definitions to its clients after receiving a virus definitions update. A firewall blocks this inbound communication by default, since the communication is not requested by the client. The firewall on your system should be modified in order for the parent server to push new definitions to your computer. This allows Kenyon to give you the best protection from threats to our network. To allow a parent server to push definitions to a managed client proactively, open the ports being used by Symantec. By default, this is UDP ports 2967 and 38293.

If you use a firewall from a company other than Microsoft, please refer to them for details about how to configure the system.. If you use the firewall that Microsoft has provided with Windows XP, see the instructions below.

Windows XP, Service Pack 1, make these modifications:

1. Click Start, and then click My Network Places.
2. Under Network Tasks, click View Network Connections. (Or, right-click My Network Places on the desktop, and then click Properties.)
3. Right-click the connection that you use for the Internet, and then click Properties.
4. Click the Advanced tab, and then click Settings.
   Note: If the Settings button is unavailable, Internet Connection Firewall is not enabled on this connection. Click to start the firewall, then click the Settings button.
5. Click Add to open a new port.
6. In the Description box, type a friendly name. For example, type RTVScan. Note: RTVScan is the Real Time Virus Scan service.
7. In the Name or IP address of the computer hosting this service on your network box, type studentnav.kenyon.edu.
8. In the External port and Internal port boxes, type the port number 2967.
9. Click UDP, and then click OK.
10. Repeat steps 1 through 9 for an additional port named IntelPDS using port 38293 on UDP. Note: IntelPDS listens for communications from studentnav.kenyon.edu

Windows XP, Service Pack 2, make these modifications (in addition to the modifications above):

These instructions are based on our current understanding of Windows XP Service Pack 2. As that understanding changes, we will update these pages. If the antivirus software appears to be functioning on your computer, but the antivirus definitions are not updating, check this page to see if we have modified the instructions.

To be able to locate the programs listed below, click on the Start button, click on Search, click on For Files or Folders. Enter the name of the program and click Search Now. Note the location so you will be able to browse to the necessary programs.

Note: When you install Windows XP Service pack 2, Symantec AntiVirus appears automatically in the list of exceptions. However, the application associated with the rule is not one that handles communication. In order to allow Symantec AntiVirus to communicate, you must create exceptions for the correct services.

Add the ports listed for Service Pack 1, then add the programs below.

To create an exception for a service or application for Rtvscan.exe (Real Time Virus Scan service) and Lucomserver.exe (Live Update)

1. Right-click My Network Places, and click Properties.
2. Right-click Local Area Connection, and then click Properties.
3. On the Advanced tab, click Settings.
4. On the Exceptions tab, click Add Program.
5. Click on the Browse button. Go to the location of the antivirus program, Rtvscan.exe. Select it, and click OK.
6. Click on the Browse button. Go to the location of the LiveUpdate program, Lucomserver.exe. Select it, and click OK.
7. On the Exceptions tab, make sure that the application or service you selected appears checked under Programs and Services.