Disable Protection From Endpoint Protection Manager
I've got an interesting use case for Endpoing Protection Manager ...
I need to disable all protection (ideally through applying a set of disabled policies) and remove the ability for users to re-enable protection (via the "fix this" in the user interface notification screen).
Backstory: We are an managed service provider offering standalone managed anti-virus when full blown managed services is not an option with the client. In the event the client goes on credit hold I need to be able to disable protection until the account is current. I do however want the install to bark at the client that they are unprotected.
Anyone know if this is possible with SEP Enterpriese? If not possible does anyone know if it's possible with endpoint protection.cloud?
Thanks!
Comments
Go to the Specific client
Go to the Specific client group --> Policies --> Location specific setting --> Client user interface settings --> Edit settings --> Uncheck Allow user to enable and disable firewall
Check on client, as you can see tab is grayed out.
4) Disable Symantec Endpoint Protection feature is also enabled by default.
1) In SEPM, under Virus and Protection policy lock all the items which are unlocked
or
Select Virus and Protection policy- High security, it will lock all the items as a policy default.
2) Go to Specific group --> Policies --> Location-specific Settings --> Client User Interface Control Settings --> Tasks --> Edit settings --> Server Control --> Customize --> Uncheck the following two options
i) Allow user to enable and disable the firewall
ii) Allow user to enable and disable application and device control policy.
3) You also need to perform the following In the Policies tab of the SEPM:
1. Click Intrusion Prevention Protection policy.
2 .Click Setting, then lock this feature by clicking the lock symbol next to Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention.
3. Click OK.
Check on client, as you can see tab is grayed out.
Regards'
Ajit Jha
Technical Consultant
STS
Hi Jonas, Basically if you
Hi Jonas,
Basically if you do not want the FIX button to available for your SEP client then you should disable those features from SEPM only.
please go through the following example for more details:
How to disable the "Fix" button notification after turning off email scanning in Symantec Endpoint Protection. :
http://www.symantec.com/docs/TECH102291
Hope this helps you!!
Regards,
Avkash K
So If you will disable all
So If you will disable all the feature for that perticular client then it will show warning also and they won't be having FIX button available.
Regards,
Avkash K
Hi, It's possible through
Hi,
It's possible through SEPM.
Check following article
https://www-secure.symantec.com/connect/articles/how-disable-sep-features-client-gui-sep-121
Public Kb also available for same.
http://www.symantec.com/docs/TECH168990
I hope it will help you !!!
Thanks and Regards,
Chetan Savade
Technical Support Analyst,
End Point Security, Enterprise Technical Support
Thumbs up for Public Kb
Thumbs up for
Public Kb also available for same.
http://www.symantec.com/docs/TECH168990
Would you like to reply?
Login or Register to post your comment.