Hello,
Hardening the SEP would Provide the Maximum Protection.
" Hardening Symantec Endpoint Protection with an Application and Device Control Policy to increase security" ---- http://www.symantec.com/docs/TECH132337
If you want to Disable the same OR View it, Please check the following:
1) Login to the SEPM
2) Go to Application and Device Conrtol Policy and check if the Protect client files and registry keys is checked. If yes, make sure you uncheck the same.
When you apply Hardening the SEP Policy; it checks all the check boxes shown above.
How the Application and Device Control Hardening policy works
http://www.symantec.com/docs/TECH132307
You can determine the level of interaction that you want users to have on the Symantec Endpoint Protection client. Choose which features are available for users to configure. For example, you can control the number of notifications that appear and limit users' ability to create firewall rules and virus and spyware scans. You can also give users full access to the user interface.
The features that users can customize for the user interface are called managed settings. The user does not have access to all the client features, such as password protection.
To determine the level of user interaction, you can customize the user interface in the following ways:
-
For virus and spyware settings, you can lock or unlock the settings.
-
For firewall settings, intrusion prevention settings, and for some client user interface settings, you can set the user control level and configure the associated settings.
-
You can password-protect the client.
To password-protect the client
-
In the console, click .
-
Under Clients, select the group for which you want to set up password protection.
-
On the Policies tab, under Location-independent Policies and Settings, click .
-
Click .
-
On the Security Settings tab, choose any of the following check boxes:
-
In the text box, type the password.
The password is limited to 15 characters or less.
-
In the text box, type the password again.
-
Click .
Check this Article which may helps you with all the Information you are looking for:
How do you lock down SEP client interface so that end users cannot disable components or modify settings.
http://www.symantec.com/docs/TECH136678
How to block a user's ability to disable Symantec Endpoint Protection on Clients
http://www.symantec.com/docs/TECH102822
How to restrict users from making configuration changes to the Symantec Endpoint Protection client.
http://www.symantec.com/docs/TECH102370
Hope this helps!!!