1) In SEPM, under Virus and Protection policy lock all the items which are unlocked
- This action reverse all the other 3 points from the article you mentioned - correct?
or
Select Virus and Protection policy- High security, it will lock all the items as a policy default.
- When I click this, I found all are locked as mentioned - do I need to activate this policy, (I am not sure when I simply
click on the High security - will this become active) I think by default when I make changes on virus and
protection policy that became an active policy rather than this. - is this the problem I am facing
2) Go to Specific group --> Policies --> Location-specific Settings --> Client User Interface Control Settings --> Tasks --> Edit settings --> Server Control --> Customize --> Uncheck the following two options
i) Allow user to enable and disable the firewall
ii) Allow user to enable and disable application and device control policy.
3) You also need to perform the following In the Policies tab of the SEPM:
1. Click Intrusion Prevention Protection policy.
2 .Click Setting, then lock this feature by clicking the lock symbol next to Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention.
3. Click OK.
Check on client, as you can see tab is grayed out.
- from 2-3 settings are as it is - but still no grayed out on client.
Where I am wrong??????
Thanks for your time.
Anver