Endpoint Protection

This is mostly a usage question:

SEPM is showing, on the home page, that I have three computers with Tamper Protection Off.  I've checked to ensure that the policy applied to these group containing these clients is enforcing tamper protection.  I've also manually right-clicked the icon in the system tray of one of the computers in question and chosen "Update Policy" - to no avail.

What do I need to do to turn tamper protection back on for these computers?  Is this process documented somewhere in the online help?  I've searched and wasn't able to find anything.

Thanks,

Try registering msxml3.dll by running the following on clients:

regsvr32 %systemroot%\system32\msxml3.dll /s

Also, is the OS 64 bit?

This might be due to bad installation SEP on client. Did you use push deployment method to install clients.

I recomend to go to the clients and install through setup packages for the first time as clients might have some other av products installed earlier or some virus may be present on the system due to which push deployment installation may fail which you can't know from the console.

Hi Arrow,

Which version are you using of SEP.

There are few issues resolved in SEP MR4 with regards to Tamper Protection reporting in SEPM.

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/2c62c4ee0e697aae882573b000034ded?OpenDocument

Rgrds,
SAM

Presumably your clients are 64-bit. Tamper protection is not functional on 64-bit OS'.

Check whether the clients receive any cammand and policy at all or not. Send a command and check this out.

Currently I have a mr3 environment and also have this problem that the "tamper protection off" count is not actual. I just know that all clients I've checked are functional ok and have the tamper enabled .
I believe it's a bug but I havn't tested the mr4 yet.