Endpoint Protection

 View Only

  • 1.  Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 10:28 AM

    I am trying to prevent clients from being able to right click the SEP shield in the taskbar and clicking "Disable Symantec Endpoint Protection". 

    I have followed all the steps in http://www.symantec.com/business/support/index?page=content&id=TECH168990 and the users are still able to disable SEP by right clicking the shield in the taskbar. 

    It did seem to grey out the users option to disable anything by double clicking the SEP shield and going into change settings within the app itself.

    Thanks



  • 2.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Trusted Advisor
    Posted Oct 24, 2012 10:32 AM

    Hello,

    You can determine the level of interaction that you want users to have on the Symantec Endpoint Protection client. Choose which features are available for users to configure. For example, you can control the number of notifications that appear and limit users' ability to create firewall rules and virus and spyware scans. You can also give users full access to the user interface.

    The features that users can customize for the user interface are called managed settings. The user does not have access to all the client features, such as password protection.

    To determine the level of user interaction, you can customize the user interface in the following ways:

    • For virus and spyware settings, you can lock or unlock the settings.

    • For firewall settings, intrusion prevention settings, and for some client user interface settings, you can set the user control level and configure the associated settings.

    • You can password-protect the client.

    To password-protect the client

    1. In the console, click Clients.

    2. Under Clients, select the group for which you want to set up password protection.

    3. On the Policies tab, under Location-independent Policies and Settings, click General Settings.

    4. Click Security Settings.

    5. On the Security Settings tab, choose any of the following check boxes:

      • Require a password to open the client user interface

      • Require a password to stop the client service

      •  Require a password to import or export a policy

      • Require a password to uninstall the client

    6. In the Password text box, type the password.

      The password is limited to 15 characters or less.

    7. In the Confirm password text box, type the password again.

    8. Click OK.

    Check these Articles which may assist you with all the Information you are looking for:

    How do you lock down SEP client interface so that end users cannot disable components or modify settings.

    http://www.symantec.com/docs/TECH136678

    How to block a user's ability to disable Symantec Endpoint Protection on Clients

    http://www.symantec.com/docs/TECH102822

    How to restrict users from making configuration changes to the Symantec Endpoint Protection client.

    http://www.symantec.com/docs/TECH102370

    Again, Check this Thread:

    https://www-secure.symantec.com/connect/forums/how-do-i-temporary-enable-users-ability-disable-symantec-endpoint-protection-clients

    Hope that helps!!



  • 3.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 10:32 AM

    HI,

    Check SEP client policy are applied or not ?

    Checking the policy serial number on a client

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55604

    You can compare SEPM group and Client side policy no.



  • 4.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 10:34 AM

    Yes, the client has the correct policy applied to match the SEPM policy.  They are still able to Disable via the taskbar shield.



  • 5.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"
    Best Answer



  • 6.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 10:42 AM
    1. Open the Symantec Endpoint Protection Manager.
    2. Click Clients.
    3. Select the group that contains the clients you want to be affected.
    4. Click Policies.
    5. Expand Location-specific Settings.
    6. Click Tasks to the right of "Client User Interface Control Settings", then click Edit Settings.
    7. Select Server control or Mixed control if it is not already set to one of these.
    8. Click Customize.
      • If Server control is enabled this will open the Client User Interface Settings dialog.
      • If Mixed control is enabled this will open the Client User Interface Mixed Control Settings dialog.

         
    9. Uncheck Allow users to enable and disable Network Threat Protection.
    10. Click OK> OK.


  • 7.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 10:48 AM
    check above comments and try to restart system and check


  • 8.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 10:58 AM

    After locking the Enable SONAR and updating the client policy the "Disable Symantec Endpoint Protection" option is greyed out. 

    Perhaps there is some faulty logic in how the client determines if it should really disable that option, or perhaps it is all tied in together and will not grey it out unless all the seperate parts are locked?

    Anyways, changing Enable SONAR to "locked" did the trick.



  • 9.  RE: Prevent SEP 12.1 Clients from using "Disable Symantec Endpoint Protection"

    Posted Oct 24, 2012 11:10 AM

    So you do or don't have NTP component installed?