Video Screencast Help
Search Video Help Close Back
to help

Endpoint Status monitor.

Created: 07 Feb 2013 | 8 comments
Bryan S's picture
Bryan S
0 0 Votes
Login to vote

In the SEPM Endpoint Status monitor, it is showing that I have 75 disabled clients, I have not verified all but some of them work perfectly fine. Why are there clients listed here when they are working fine and are up to date?

SEP 12

OS Windows 7 64 bit clients and Windows 2003 32 bit servers and Windows 2008 server 64 bit

Discussion Filed Under:
, , , , ,

Comments 8 CommentsJump to latest comment

Brian81's picture
Brian81 Trusted Advisor
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

This is a little misleading. Disabled doesn't necessarily mean SEP is OFF completely. It could mean one of the components is disabled.

If you click on Disabled, a new window will open with more details. From here, you can see exactly what is disabled. It may just be tamper protection or Insight.

If you scroll over, it will give you all the details.

SEP Knowledge Base

Endpoint SWAT

+2
Login to vote
Bryan S's picture
Bryan S
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

Tamper protection is off for ALL clients, how do I get that to not be logged into the disabled?

0
Login to vote
Brian81's picture
Brian81 Trusted Advisor
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

You can't. This is by design.

SEP Knowledge Base

Endpoint SWAT

0
Login to vote
Bryan S's picture
Bryan S
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

OK, I have Tamper protection off all across the board. Why is it only picking up 75 clients when there are over 500? None of which has tamper protection enabled.

0
Login to vote
Brian81's picture
Brian81 Trusted Advisor
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

Not sure, maybe a bug. Or maybe tamper protection is actually on for them cheeky

SEP Knowledge Base

Endpoint SWAT

0
Login to vote
Bryan S's picture
Bryan S
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

I can't even remember why I disabled Tamper protection across the board. Can you think of reasons?

Do I want to turn it back on?

0
Login to vote
Brian81's picture
Brian81 Trusted Advisor
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

In the past, I've seen minor issues such as print drivers not installing...but nothing major.

Personally I would recommend it. It stops threats from disabling SEP. But sometimes legitimate programs may try to tinker with it as well...it's really up to you. I would turn it on and if something comes up than deal with.

Just leave the lock open in case someone is troubleshooting and needs to turn it off quickly. That's how I have it.

SEP Knowledge Base

Endpoint SWAT

0
Login to vote
Chetan Savade's picture
Chetan Savade Symantec Employee Technical Support Accredited
Endpoint Status monitor. - Comment:07 Feb 2013 : Link

Hi,

I would recommend to enable tamper protection if you are not sure why you have disabled it.

Follow these steps to enable it.

1. Double-click shield icon to bring up SEP client UI.

2. Click Change Settings > Client management > Configure Settings

3. Switch to the Tamper Protection tab, and either change the action to Log the event only or uncheck the option Protect Symantec security software from being tampered with or shut down.

4. Click OK.

5. After completing task requiring tamper protection to be disabled, restore tamper protection to the previous setting.

 

Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&

0
Login to vote