Endpoint Protection

hi guyz 

i am using SEPM12.1.3 andi want to block the user ability to disable sep clint . in this regard i have research alot and  found myny usefull articales like the one bellow 

http://www.symantec.com/business/support/index?page=content&id=TECH102822&locale=en_US

http://www.symantec.com/business/support/index?page=content&id=TECH168990

https://www-secure.symantec.com/connect/articles/how-disable-sep-features-client-gui-sep-121#comment-8994981

by following these links i have been able to block the "disable virus and spyware  protection features" and "Disable proactive threat protection features" but i am not able to block "desable all network threat protection features." so due to the i am not able to block " Disable symantec endpoint protection".

for refrence i am attaching a file that show that i have unck these option for NTP but still its not working. need hel guyz.

Hello,

In this case, you need to make sure you have ALL the policies are "locked".

Once this are locked, you would see the "Disable Symantec Endpoint Protection" 

Check this Article: http://www.symantec.com/docs/TECH102822

Secondly, in your case, if the Client machines are Managed then these are taking the policies from the SEPM.

Check this Article:

Client cannot configure settings for Network Threat Protection after installing Symantec Endpoint Protection http://www.symantec.com/docs/TECH102667

• In Server Control, changes can be made to unlocked settings, but they are overwritten when the next policy is applied.

• In Client Control, client-modified settings take precedence over server settings. They are not overwritten when the new policy is applied, unless the setting has been locked in the new policy.

Changing the user control level http://www.symantec.com/docs/HOWTO55475

Hope that helps!!

Lock all the policies, Lock the Lock :) 

lock which policy?

locked?

Hello,

Remove the right to disable Threat detection:

1. Open the Symantec Endpoint Protection Manager.
2. Click Clients.
3. Select the group that contains the clients you want to be affected.
4. Click Policies.
5. Expand Location-specific Policies
6. Click Antivirus and Antispyware policy.
7. Click File System Auto-Protect, then lock this feature by clicking the lock symbol next to Enable File System Auto-Protect.
8. Click Internet Email Auto-Protect, then lock this feature by clicking the lock symbol next toEnable Internet Email Auto-Protect.
9. Click Microsoft Outlook Auto-Protect, then lock this feature by clicking the lock symbol next toEnable Microsoft Outlook Auto-Protect.
10. Click Lotus Notes Auto-Protect, then lock this feature by clicking the lock symbol next toEnable Lotus Notes Auto-Protect.
11. Click TruScan Proactive Threat Scans, then lock this feature by clicking the lock symbol next to Scan for trojans and worms and Scan for keyloggers.
12. Click OK.

For Symantec Endpoint Protection 12.1 or for SEP 11 clients managed by SEPM running 12.1 versions, additional policies must be locked. 

1. In the Virus & Spyware Protection policy, click Sonar, then lock this feature by clicking the lock symbol next to Enable Sonar.  
2. In the Instrusion Prevention policy, click Settings, then lock both lock symbols next to Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention.  

Hope that helps!!