We use Symantec Endpoint Security with a central server in a secure DMZ and clients in several other DMZs including web, database and other servers. The web servers often have more than 1 IP address on the primary adapter and also additional adapters for management networks. The Symantec Endpoint Client chooses the correct interface that can route to the server address but then appears to select an IP address 'at random' of those available on that adapter. This causes issues with the configuration of the firewalls to allow the traffic between the client and the management server as we don't want to have to add all IP addresses to the firewall rules, just the primary IP addresses for each server. Having spoken to support I was told this was often a question or reported issue from other clients.
It would be useful if there was a configuration option to fix the IP address that SEP client used to communicate to the server on, this is possible in other security products we use although most select the default IP address of the adapter automatically.
Laurie Calverley