Endpoint Protection

 View Only

  • 1.  Default Protection in User Mode

    Posted Apr 30, 2015 10:59 AM

    From all that I've read, and my specific requirements, I need to setup user mode for our environment.

    My understanding of the user mode indicates that the policy defined is only applied when a user logs in. My question is therefore, what happens to the computer between the time the computer starts and the user actally logs in. This can be anywhere from 1 minute to 2 days (somebody click logoff instead of shutdown on a Friday evening).

    Is there a default policy or level of protection that is applied for hte machine seeing that there is no user logged in ?

    If yes, then where is the policy defined, and how do i modify it.

    This information is necessary as I need to implement Device control for removable media which requires user mode.

    If this was answered somewhere else, please point me. I'm new to SEP



  • 2.  RE: Default Protection in User Mode

    Broadcom Employee
    Posted Apr 30, 2015 11:49 AM

    If the client software runs in user mode, the client computer gets the policies from the group of which the user is a member. If the client software runs in computer mode, the client computer gets the policies from the group of which the computer is a member. Many organizations configure a majority of clients in computer mode

    Mode

    Description
     

    Computer mode

    The client protects the computer with the same policies, regardless of which user is logged on to the computer. The policy follows the group that the computer is in. Computer mode is the default setting.
     

    User mode

    The policies change, depending on which user is logged on to the client. The policy follows the user.

    Check this article: About user mode and computer mode

    http://www.symantec.com/docs/HOWTO27008

     



  • 3.  RE: Default Protection in User Mode

    Broadcom Employee
    Posted Apr 30, 2015 12:08 PM

    Q. Is there a default policy or level of protection that is applied for hte machine seeing that there is no user logged in

    --> If the client software runs in user mode, the client computer gets the policies from the group of which the user is a member. If the client software runs in computer mode, the client computer gets the policies from the group of which the computer is a member.

    Q.If yes, then where is the policy defined, and how do i modify it.

    --> In the SEPM console you will have to modify the policies.

    User mode.jpg

    To block USB access you can refer this article: How to block USB Thumb Drives and USB Hard Drives, but allow specific USB Drives in the Application and Device Control Policy in Symantec Endpoint Protection (SEP).

    http://www.symantec.com/docs/TECH106304



  • 4.  RE: Default Protection in User Mode

    Posted Apr 30, 2015 12:38 PM

    Apprecaited.

    I'll test this out and revert should i hit another stumbling Block.

     

    Thanks.



  • 5.  RE: Default Protection in User Mode

    Broadcom Employee
    Posted May 08, 2015 09:05 AM

    Is there any update?

    OR

    If your query has been resolved mark this thread as a 'Solved' with the best answer that helps you.