Video Screencast Help

feature in Symantec Endpoint Protection 12.1

Created: 31 Jul 2013 • Updated: 04 Aug 2013 | 11 comments
Sachin Sawant's picture
This issue has been solved. See solution.

Hi support,

Please tell me any feature are available in SEPM. to remotely un install security software vai SEPM.

Operating Systems:

Comments 11 CommentsJump to latest comment

mkeil's picture

Additionally, you can use the SEPprep Tool and include it together with a configuration into a client package:



Please "Mark as Solution" if my post is useful

AjinBabu's picture


What's new in version 12.1

The current release includes the following improvements that make the product easier and more efficient to use.

Table: New features in version 12.1



Better security against malware

The most significant improvements include the following policy features to provide better protection on the client computers.

·         The Virus and Spyware Protection policy detects threats more accurately while it reduces false positives and improves scan performance with the following technologies:

o    SONAR replaces the TruScan technology to identify malicious behavior of unknown threats using heuristics and reputation data. While TruScan runs on a schedule, SONAR runs at all times.

o    Auto-Protect provides additional protection with Download Insight, which examines the files that users try to download through Web browsers, text messaging clients, and other portals. Download Insight uses reputation information from Symantec Insight to make decisions about files.

o    Insight lets scans skip Symantec and community trusted files, which improves scan performance.

o    Insight Lookup detects the application files that might not typically be detected as risks and sends information from the files to Symantec for evaluation. If Symantec determines that the application files are risks, the client computer then handles the files as risks. Insight Lookup makes malware detection faster and more accurate.

·         The Firewall policy includes firewall rules to block IPv6-based traffic.

·         The Intrusion Prevention policy includes browser intrusion prevention, which uses IPS signatures to detect the attacks that are directed at browser vulnerabilities.

Faster and more flexible management

Symantec Endpoint Protection Manager helps you manage the client computers more easily with the following new features:

·         Centralized licensing lets you purchase, activate, and manage product licenses from the management console.

·         Symantec Endpoint Protection Manager registers with Protection Center version 2. Protection Center lets you centralize data and integrate management of Symantec security products into a single environment. You can configure some of the settings Protection Center uses to work with Symantec Endpoint Protection Manager.

·         The Symantec Endpoint Protection Manager logon screen enables you to have your forgotten password emailed to you.

·         Symantec Endpoint Protection Manager includes an option to let any of the administrators in a site reset their forgotten password.

·         You can configure when and how Symantec Endpoint Protection Manager restarts the client computer, so that the restart does not interfere with the user's activity.

·         The Monitors page includes a set of preconfigured email notifications that inform you of the most frequently used events. The events include when new client software is available, when a policy changes, license renewal messages, and when the management server locates unprotected computers. The notifications are enabled by default and support the BlackBerry, iPhone, and Android.

·         The Home page displays the high-level reports that you can click, which makes the Home page simpler and easier to read. The Home page also displays a link to notifications about log events that you have not yet read.

·         Improved status reporting automatically resets the Still Infected Status for a client computer once the computer is no longer infected.

·         You can now configure Linux clients to send log events to Symantec Endpoint Protection Manager.

Better server and client performance

To increase the speed between the management server and the management console, database, and the client computers:

·         The management server performs automatic database cleanup tasks to improve the server-client responsiveness and scalability.

·         Virus and spyware scans use Insight to let scans skip safe files and focus on files at risk. Scans that use Insight are faster and more accurate, and reduce scan overhead by up to 70 percent.

·         LiveUpdate can run when the client computer is idle, has outdated content, or has been disconnected, which uses less memory.

Support for Mac clients

In Symantec Enterprise Protection, you can configure the polices for Mac clients based on a location as well as a group.

Improved installation process

You can install the product faster and easier than before with the following new installation features:

·         The Symantec Endpoint Protection Manager installation wizard lets you import a previously saved recovery file that includes client-server connection information. The recovery file enables the management server to reinstall existing backed-up certificates and to automatically restore the communication to the existing clients.

·         The management server Web service uses Apache instead of IIS. You do not need to install IIS first, as you did in previous versions.

·         The Client Deployment Wizard quickly locates unprotected computers on which you need to install the client software. The wizard also provides an email deployment link so that users can download the client software by using the Web. The wizard makes client software faster and easier to deploy.

·         You can upgrade to the current version of the product while the legacy clients stay connected and protected.

·         A new quick report for deployment shows which computers have successfully installed the client software.

Support for additional operating systems

Symantec Endpoint Protection Manager now supports the following additional operating systems:

·         VMware Workstation 7.0 or later

·         VMware ESXi 4.0.x or later

·         VMware ESX 4.0.x or later

·         VMware Server 2.0.1

·         Citrix XenServer 5.1 or later

Symantec Endpoint Protection Manager now supports the following Web browsers:

·         Internet Explorer 7.0, 8.0, 9.0

·         Firefox 3.6, 4.0

The Symantec AntiVirus for Linux client now supports the following additional operating systems:

·         RedHat Enterprise Linux 6.x

·         SUSE Linux Enterprise Server and Enterprise Desktop 11.x (includes support for OES 2)

·         Ubuntu 11.x

·         Fedora 14.x, 15.x

·         Debian 6.x

For information about using the Symantec AntiVirus client on Linux, see the Symantec AntiVirus for Linux Client Guide.

Better Enforcer management in Symantec Endpoint Protection Manager

You can manage the Enforcers more easily by configuring the following Enforcer settings in Symantec Endpoint Protection Manager:

·         Ability for the clients in an Enforcer group to synchronize their system time constantly by using the Network Time Protocol server.

·         You can more easily update the list of MAC addresses with the following improvements:

o    For the DHCP Integrated Enforcer, you can import a text file that contains the MAC address exceptions that define trusted hosts.

o    For the LAN Enforcer, you can add, edit, and delete the MAC addresses that the Host Integrity checks ignore by using the following features:

MAC Authentication Bypass (MAP) bypasses the Host Integrity check for non-802.1x clients or the devices that do not have the Symantec Network Access Control client installed.

Ignore Symantec NAC Client Check bypasses the Host Integrity check for 802.1x supplicants that do not have the Symantec Network Access Control client installed.

o    You can add individual MAC addresses or use wildcards to represent vendor MAC strings. You can also import the MAC addresses from a text file.

o    You can add MAC addresses with or without an associated VLAN, which allows multiple VLANs to be supported.

New Network Access Control features in Symantec Endpoint Protection Manager

Symantec Endpoint Protection Manager includes the following additional functionality for Symantec Network Access Control:

·         Enforcer management server lists can include management servers from replication partners. Enforcers can connect to any management server at any site partner or replication partner.

·         The Compliance logs for the Symantec Network Access Control client provide additional information about log events and Host Integrity check results. You can now see which requirement caused a Host Integrity check on a client computer to fail.

·         LiveUpdate downloads Host Integrity templates to management servers. Therefore, client computers can get the Host Integrity policies that include updated Host Integrity templates.

·         Enforcer groups support limited administrator accounts and administrator accounts as well as system administrator accounts. For a large company with multiple sites and domains, you probably need multiple administrators, some of whom have more access rights than others.

New Enforcer features

Symantec Network Access Control includes the following new features:

·         64-bit support for the Integrated Enforcers.

·         Support for the Network Policy Server (NPS) with the Microsoft Windows Server 2008 (Longhorn) implementation of a RADIUS server and proxy. The Enforcer can now authenticate the clients that run Windows Vista or later versions and that use 802.1x authentication.

·         For the DHCP Integrated Enforcer, you can selectively turn on scope-based enforcement for the scopes that you define.

·         The Gateway Enforcer supports both 802.1q trunking and On-Demand Clients at the same time. You can designate a single VLAN on a multiple trunk VLAN to host On-Demand Clients.

·         Support for the guest enforcement mode, which enables the Gateway Enforcer to act as a download server for On-Demand Clients. The Gateway Enforcer downloads On-Demand Clients to guest computers, enabling the clients to communicate to the Enforcer through the guest computers' Web browsers. In the guest enforcement mode, the Gateway Enforcer does not forward inline traffic.

·         Support for On-Demand Client "persistence": the capability to be "live" for a designated period.

·         The local database size has been increased to 32 MB to accommodate a larger number of MAC addresses.



Sachin Sawant's picture

Hi mkeil,

I know SEPprep Tool, very well and i use also but my project site (client site) not give a permission to use SEPprep tool becoz of prep tool not supported by Symantec.

Brɨan's picture

SEPM does not currently offer a way to remove SEP client remotely. You need to use a third party tool or Symantec's SEPPrep.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture


There is no option to remote uninstall from the SEPM.

Check this Article:

Methods for uninstalling Symantec Endpoint Protection

Secondly, Take a glance at these 3 links and let me know if this answers your question.

For removing previous version of Symantec products you can use the SEPprep tool:

...otherwise please note if you are upgrading to newer SEP version - uninstalling of previous SEP client is not necessary. Installer can without issue migrate from previous versions.

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Chetan Savade's picture


Thank you for posting in Symantec community.

I would be glad to answer your query.

Q. Please tell me any feature are available in SEPM. to remotely un install security software vai SEPM.

--> You can uninstall third party antivirus software using SEPM console. But you can't remove SEP client remotely with the help of SEPM.

Check this article to know more about it.

Third-party security software removal support in Symantec Endpoint Protection 12.1 RU2

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

SameerU's picture


There is tool available but you cannot remove it remotely


Ambesh_444's picture

Agreed with above comments, Even I dont think so we can remotly remove.

there is no option available in SEPM

Thank& Regards,


"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."