Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

How to disable SEP features at client GUI in SEP

Created: 07 Sep 2011 • Updated: 12 Jun 2013 | 28 comments
Language Translations
Chetan Savade's picture
+13 13 Votes
Login to vote

Updated on 12th June'13

 

Hi,

By deafult all the SEP features are accessible to end user.

Let's see one by one.

 

1) Disable all Virus and Spyware protection features is enable by default.

 

 

 

To disable Virus and Spyware protection feature access on SEP client

Go to SEPM --> Policies ---> Virus & Protection policy – Balanced --> Protection Technology-->Auto-protect --> Lock Enable auto-protect

 

 

 
Confirm on Client, as you can see tab is grayed out.
 
 
 
 
 
 
 

 

2) Disable Proactive Threat Protection is also enable by default 

 

Go to SEPM -->Policies --> Virus & Protection policy – Balanced -->Protection Technology-->SONAR  -->Lock SONAR

Confirm on client, as you can see tab is grayed out.

 

 

 

3) Disable Network Threat Protection access on SEP client.

 

Go to Specific group --> Policies --> Location specific setting --> Client user interface settings --> Edit settings -->  Uncheck allow user to enable and disable firewall

Check on client, as you can see tab is grayed out.

 

 

4) Disable Symantec Endpoint Protection feature is also enable by default. 

 

1) In SEPM, under Virus and Protection policy lock all the items which are unlock

or

Select Virus and Protection policy- High security, it will lock all the items as a policy.

2) Go to Specific group --> Policies --> Location specific setting --> Client user interface settings --> Edit settings --> Uncheck the following two options

i) Allow user to enable and disable firewall

ii) Allow user to enable and disable application and device control policy.

3)  You also need to perform the following In the Policies tab of the SEPM:

1. Click  Intrusion Prevention Protection policy.

2 .Click Setting, then lock this feature by clicking the lock symbol next to Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention.

3. Click OK

Check on client, as you can see tab is grayed out.

 

 

For Small Business Edition check this artilce:

How to block a user's ability to disable Symantec Endpoint Protection Small Business Edition on Clients

http://www.symantec.com/docs/TECH172434

Comments 28 CommentsJump to latest comment

Symantec World's picture

Voted this useful article.

 

Regards, M.R

+1
Login to vote
Kedarnath Lal's picture

thank you

nice Article

0
Login to vote
Gurupreet's picture

nice article

+1
Login to vote
Srikanth_Subra's picture

Nice one

Thanks & Regards,

 Srikanth.S

"Defeat the Defeat before the Defeat Defeats you"
(Swami Vivekananda)

0
Login to vote
Chetan Savade's picture

Thanks everyone for comments  !!!

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

0
Login to vote
John Santana's picture

thanks man !

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

0
Login to vote
yoyogi13's picture

Dear Chetan,

I cannot find your setting for point 4. Fyi, iam using SEPM 11.7

could you help me ...

0
Login to vote
Chetan Savade's picture

Hi,

This article is specific to SEP 12.1.

For SEP 11.x you can refer this article

How to block a user's ability to disable Symantec Endpoint Protection on Clients

http://www.symantec.com/docs/TECH102822

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

0
Login to vote
pete_4u2002's picture

what is that you not seeing? can you post the screen shot?
are you referring tio point 3 ?

0
Login to vote
ted24's picture

i had the same problem, i could not understand that "locker's sign" is clickable! But now it works fine.
i think other people can meet the same manual misunderstanding.

0
Login to vote
yoyogi13's picture

Hi Chetan,

Thanks for your info :)

but i have another question, can we give password when client trying to disabled antivirus ?

I can do this for uninstall, but for disabled I cannot find where is the setting :(

0
Login to vote
.Brian's picture

You can use the application and device control policy to protect the client registry and services from being stopped. If you have tamper protection enabled, this will also prevent this as well.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
James007's picture

No this type setting not available you can't provide password

0
Login to vote
harvansh Singh's picture

Greate Artical..

Regards

Harvansh Singh

0
Login to vote
yoyogi13's picture

Dear All,

 

Thanks for info. :)

0
Login to vote
Ambesh_444's picture

Again Good one..

Nice and helpful Chetan,

Thanks a lot for the sharing..

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

0
Login to vote
Chetan Savade's picture

Thanks to all !!!

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

+1
Login to vote
Chetan Savade's picture

Hi,

For Small Business Edition check this article:

How to block a user's ability to disable Symantec Endpoint Protection Small Business Edition on Clients

http://www.symantec.com/docs/TECH172434

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

+1
Login to vote
blackvirus009's picture

dear chetan 

the artical is really helpful 

0
Login to vote
AjinBabu's picture

Nice article Chetan.

0
Login to vote
MrFanciful's picture

I know this is an old article but I've followed every step by the original poster and not a single option has been disabled.

We are using 12.1.4013.4013 and they are installed in computer mode.
 

 

0
Login to vote
.Brian's picture

See if this article helps:

How to block a user's ability to disable Symantec Endpoint Protection on Clients

http://www.symantec.com/docs/TECH102822

Has the client picked up the policy change from the SEPM?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
MrFanciful's picture

Hi

Thanks for the quick reply.

After making any changes I first waited for the policy serial to update in the management console, then did an Update Policy from the client, wait for the clients policy serial to update in the management console. I'd then check if the changes had taken effect. If they hadn't taken effect, I'd do a reboot of the client and check again.

I've attached screenshots I've just made of the settings from the management console.

 

Auto-Protect.PNG Client User Interface - Server Control.PNG Security Settings.PNG Sonar.PNG Tamper Protection.PNG
0
Login to vote
.Brian's picture

You need to close the locks in the policy. That will stop the users from being able to change on the client side.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
MrFanciful's picture

Well...What a rookie error. I simply didn't see them.

That worked. Thanks for taking the time to help, really appreciate it.

0
Login to vote
.Brian's picture

No problem, always glad to help!

take care

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

0
Login to vote
Chetan Savade's picture

Lock is very important in this process.

Under Antivirus and Antispyware policy out of three policies one of them is with High Security.

In the High Security policy all the locks are by default selected. Apply the policy and see the results.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

0
Login to vote