Endpoint Protection

 View Only

  • 1.  Hardening the SEP 12.1 client

    Posted May 24, 2013 02:44 PM

    I just took over SEP for my company and relatively new to the product. What can I do to ensure users cannot disable or remove SEP? Are there any best practice guides available?



  • 2.  RE: Hardening the SEP 12.1 client
    Best Answer

    Posted May 24, 2013 02:45 PM

    To password-protect the client

    1. In the console, click Clients.

    2. Under Clients, select the group for which you want to set up password protection.

    3. On the Policies tab, under Location-independent Policies and Settings, click General Settings.

    4. Click Security Settings.

    5. On the Security Settings tab, choose any of the following check boxes:

      • Require a password to open the client user interface

      • Require a password to stop the client service

      •  Require a password to import or export a policy

      • Require a password to uninstall the client

    6. In the Password text box, type the password.

      The password is limited to 15 characters or less.

    7. In the Confirm password text box, type the password again.

    8. Click OK.

     

    How do you lock down SEP client interface so that end users cannot disable components or modify settings.

    http://www.symantec.com/docs/TECH136678

    How to block a user's ability to disable Symantec Endpoint Protection on Clients

    http://www.symantec.com/docs/TECH102822

    How to restrict users from making configuration changes to the Symantec Endpoint Protection client.

    http://www.symantec.com/docs/TECH102370

    Good article here:

    http://www.symantec.com/connect/articles/how-disable-sep-features-client-gui-sep-121



  • 3.  RE: Hardening the SEP 12.1 client

    Broadcom Employee
    Posted May 24, 2013 02:53 PM

    SEP Application Control policy to protect executable file registry configuration

    http://www.symantec.com/docs/TECH171301



  • 4.  RE: Hardening the SEP 12.1 client

    Trusted Advisor
    Posted May 24, 2013 03:00 PM

    Hello,

    Here are few Articles which may assist you to do the opposite of what you want -

    How to prevent SEP features from being disabled in the client GUI in SEP 12.1

    http://www.symantec.com/docs/TECH168990

    How to block a user's ability to disable Symantec Endpoint Protection on Clients

     

    In your case, you want to "Enable user's ability to disable Symantec Endpoint Protection on Clients for trobleshooting purpose (temporarily)."

    Go to the Specific client group --> Policies --> Location specific setting --> Client user interface settings --> Edit settings -->  check Allow user to enable and disable firewall

    NTP final-2_2_0.JPG

    Check on client, as you can see tab is Enabled.

    Again, Check this Thread:

     

    Secondly for Hardening Symantec Endpoint Protection with an Application and Device Control Policy to increase security

    http://www.symantec.com/business/support/index?pag...

    How the Application and Device Control Hardening policy works

    http://www.symantec.com/business/support/index?page=content&id=TECH132307

    SEP Application Control policy to protect executable file registry configuration

    http://www.symantec.com/docs/TECH171301

    Hope that helps!!


  • 5.  RE: Hardening the SEP 12.1 client

    Posted May 24, 2013 03:08 PM

    Thanks