Endpoint Protection

 View Only
  • 1.  Can I grey-out or disable any of the OPTIONS buttons

    Posted May 29, 2009 10:55 AM
    Hello,

    We have been evaluating SEP v.11.x and things are going fine.
    Question: Is there a way to grey-out or disable any of the OPTIONS buttons that appear after you open up SEP from the client?


  • 2.  RE: Can I grey-out or disable any of the OPTIONS buttons

    Posted May 29, 2009 10:57 AM

    Title: 'How to block user's ability to disable Symantec Endpoint Protection on Clients'
    Document ID: 2007110514540148
    > Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110514540148?Open&seg=ent



  • 3.  RE: Can I grey-out or disable any of the OPTIONS buttons

    Posted May 29, 2009 11:45 AM

    Ted,

    Thanks for that article.  I noticed at the bottom of the article:

    Operating System(s): Windows 2000 Professional, Windows 2000 Server/Advanced Server, Windows XP Professional Edition, Windows Server 2003 Web/Standard/Enterprise/Datacenter Edition, Windows XP Professional x64 Edition, Windows Server 2003 x64 Edition
    Product(s): Endpoint Protection 11
    Release(s): Endpoint Protection 11 [All Releases]

    However here are some screenshots of my SEPM console:

    imagebrowser image

    Tamper protection off 9 machines...

    imagebrowser image

    9 Dedicated machines in 64 Bit group that need protection

    imagebrowser image

    The same 9 machines with Tamper Protection off as indicated by SEPM console...

    imagebrowser image

    Main group (Default Group at the top of the tree)

    imagebrowser image

    Group is inheritting from the Parent. 

    These machines absolutely needed to be in 64 bit for the extra memory and capability.  Until we get the Device Control and Tamper protection under control...  I am limited on upgrading over 200 machines to 64 Bit.  This does not include Server OS.

    For the time being, I have had to disable USB ports directly in the BIOS, replace Burners with DVD drives and shut down Firewire and much much more.  Lots of fun.  Because, we use peripherals, that need USB ports, Tablets, Scanners, etc.  I cannot leave everything open.  You can surely understand the sensitive nature of the "projects" we work on.

    Thanks for any help.



  • 4.  RE: Can I grey-out or disable any of the OPTIONS buttons

    Posted May 29, 2009 12:07 PM

    Title: 'Tamper Protection does not install on a 64-bit Operating System.'
    Document ID: 2008060213213448
    > Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008060213213448?Open&seg=ent

    I'm not sure what this has to do with blocking a user's ability to change any settings in the client though. Perhaps you can explain exactly what information you are looking for?



  • 5.  RE: Can I grey-out or disable any of the OPTIONS buttons

    Posted May 29, 2009 12:23 PM
    Maybe there are some limits to english vocabulary, being French and all. 

    When I hear: "block user's ability to disable Symantec Endpoint Protection on Clients" I use it as a way of saying "Tamper Protection".  Hence removing the right of a user to disable, modify, make changes to settings that should not be- all that good stuff sounds to me like "tampering" with the system.

    I am incorrect in this?

    Could you please provide me than, in Symantec's terminology how you use the term "Tamper Protection"? 


  • 6.  RE: Can I grey-out or disable any of the OPTIONS buttons

    Posted May 29, 2009 12:44 PM
    Tamper Protection protects SEP against viruses and other malicious programs from tampering with or disabling our services.

    Basically, Tamper Protection is to stop programs from stopping or disabling SEP, and the method in the article I linked above is for stopping users from disabling SEP.


  • 7.  RE: Can I grey-out or disable any of the OPTIONS buttons

    Posted May 30, 2009 06:42 PM
    Tamper protection protects all the sep files, folders, running servcies,running processes and registry entries.
    Try to kill and SEP process and you will get a Tamper Protection alert.
    Many virus as they come to our system they first try to kill AV services and running processes so almost all top AV's have this feature but with diffrent names.

    Since Win 64 bits have a diffrent architecture so this feature is not supported yet on 64 bits like PTP.

    Just an Update: There is one big issue with Tamper Protection  and all Back up Solutions not just SAv or SEP but be it any other AV.
    As the backup tries to backup SAV folders tamper protection tries to kill it mking it unusable so you have to disable Tamper protection in that case.