Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Browser Intrusion Prevention add-on problem

  • 1.  Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 08:49 AM

    I've this feature of SEP 12.1 enabled and locked down in the policy but it still prompts user to enable or disable the first time they run Internet Explorer after the install.

    Is there something else that needs to be done to have it enabled by default with no prompts?



  • 2.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 08:54 AM

    This sounds like a feature of IE9, its not really SEP.

    I dont believe there is anything you can do to prevent this without touching each machine and reconfiguring the notification options in IE.



  • 3.  RE: Browser Intrusion Prevention add-on problem

    Trusted Advisor
    Posted Jul 21, 2011 09:18 AM

    Hello,

     

    Uncheck the box "Enable Browser Intrusion Prevention" within the Intrusion Prevention Policy of Symantec Endpoint Protection Manager which controls the user ability to enable/disable this feature.



  • 4.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 10:02 AM

    So that check box in the policy is only for user' ability to enable or disable to the add-on? That doesn't make much sense. If that's the case then it needs to be clarified in the policy. Otherwise, people are going to think the same thing as myself and that the option in that policy is for enabling the add-on.



  • 5.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 10:11 AM

    Unchecking the box turns it off. There is no way to turn off that notification when opening IE9 after installing the first time within SEPM. As Paul mentioned, you need to configure IE to fix this.



  • 6.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 10:43 AM

    How do you configure the notification options in IE9? I'm looking at the internet options and don't see anything for notifications that would.

    Even if you can disable the notification from popping up, wouldn't that leave the add-on in limbo? Obviously IE wants you to acknowledge it and accept or deny the add-on to make sure some malware program isn't automatically loading itself.

    Wasn't IE 9 available for testing to Symantec during the SEP 12 beta?



  • 7.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 01:36 PM

    IE9 was availabe, yes.  We saw the issue, but this is a Microsoft feature - any addon that slows the loading of IE9 (even slightly) prompts the popup.  There are several workarounds, you can increase the amount of slowdown allowed (I think by default it is 0.2 seconds) or you can disable the notifications completely.

    I had a google and found this, which I think covers it: http://www.petenetlive.com/KB/Article/0000466.htm



  • 8.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 21, 2011 02:48 PM

    That makes a little more sense but I don't recall seeing that it took the add-on longer than default to load. The notification only mentioned that the add-on was ready for use and to click to enable or disable.



  • 9.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 26, 2011 03:13 PM

    Please help.  Need a way to enable the browser plugin by default.  Having the user decide this is not acceptable. Even if this is an IE thing which it is does anyone know of a way to enable it by default or prevent the user for being prompted on this?

     

    I disabled the notfications using GPO for browser add ones causing slowness in launching and that does not fix the issue.  Users still get prompted to enable the plugin when launching IE for the first time after install.

     

    Anyone find a workaround for this so that IE just trusts the plugin and loads it automatically?  Having the user be prompted with a choice is not acceptable.



  • 10.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 26, 2011 03:23 PM

    Dear Paul,

    The user is talking about SEP only. We just a related and very recent thread on the Intrusion Prevension Addon.



  • 11.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 26, 2011 03:26 PM

    have you tried this IE9 GPO?

    "Automatically enable newly installed add-ons"



  • 12.  RE: Browser Intrusion Prevention add-on problem
    Best Answer

    Posted Jul 26, 2011 03:55 PM
      |   view attached

    Here is a better way to do this without enabling ALL plugins by default.

     

    The proper GPO to resolve the issue is:

     

    USER CONFIG/POLICIES/ADMIN TEMPLATES/WINDOWS COMPONENTS/INTERNET EXPLORER/SECURITY FEATURES/ADDON MANAGEMENT

    Use the Option ADD-ON LIST

     

    Add the CLSID of the browser helper object and a value of '1' to enable it by default.

     

    Name: Symantec Intrusion Prevention
    Publisher: Symantec Corporation
    Type: Browser Helper Object
    Version: 9.8.2.0
    File date:
    Date last accessed: ‎Today, ‎July ‎26, ‎2011, ‏‎2:49 PM
    Class ID: {6D53EC84-6AAE-4787-AEEE-F4628F01010C}
    Use count: 2
    Block count: 3
    File: IPSBHO.dll
    Folder: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\IPS



  • 13.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 26, 2011 03:56 PM

    Can I ask why all of the threads regarding this issue have symantec responses accepted as the solution when they are most certainly not the correct solution?



  • 14.  RE: Browser Intrusion Prevention add-on problem

    Posted Jul 26, 2011 04:15 PM

    because somebody (either an administrator or the original poster) decided it was the best answer at the time.

    I have moved the tag to your answer in this case.