Have you seen these?
How to block a user's ability to disable Symantec Endpoint Protection on Clients
Article:TECH102822 |
| |
Created: 2007-01-05 |
| |
Updated: 2013-07-30 |
| |
Article URL http://www.symantec.com/docs/TECH102822 |
How to restrict users from making configuration changes to the Symantec Endpoint Protection client.
Article:TECH102370 |
| |
Created: 2007-01-23 |
| |
Updated: 2008-01-29 |
| |
Article URL http://www.symantec.com/docs/TECH102370 |
Make sure you have all the locks closed in the various policies.
When you disable SEP via the task tray, open the GUI. What shows as disabled? Only the firewall? Or both firewall and IPS?
To stop users from disabling NTP, try this:
Remove the right to disable Network Threat Protection:
- Open the Symantec Endpoint Protection Manager.
- Click Clients.
- Select the group that contains the clients you want to be affected.
- Click Policies.
- Expand Location-specific Settings.
- Click Tasks to the right of "Client User Interface Control Settings", then click Edit Settings.
- Select Server control or Mixed control if it is not already set to one of these.
- Click Customize.
- If Server control is enabled this will open the Client User Interface Settings dialog.
- If Mixed control is enabled this will open the Client User Interface Mixed Control Settings dialog.
- Uncheck Allow users to enable and disable Network Threat Protection.
- Click OK> OK.