Video Screencast Help

How to block a specific software from SEPM

Created: 23 Jul 2013 • Updated: 25 Jul 2013 | 4 comments
This issue has been solved. See solution.

Hi All,

Someone can help me to block a specific software judged as high risk from SEPM ?

Regards.

Operating Systems:

Comments 4 CommentsJump to latest comment

.Brian's picture

If it's considered high risk than an AV signature will likely get it.

Now if you want to block execution of certain software which you judge to be high risk, you can use an application and device control policy.

About application and device control

Article:HOWTO80859  |  Created: 2012-10-24  |  Updated: 2013-06-06  |  Article URL http://www.symantec.com/docs/HOWTO80859

Specifically, application control:

Per the KBA

You can use application control to control applications in the following ways:

  • Prevent malware from taking over applications

  • Restrict the applications that can run

  • Prevent users from changing configuration files

  • Protect specific registry keys

  • Protect particular folders, such as \WINDOWS\system

 

You can also use the application monitoring feature. See here:

https://www-secure.symantec.com/connect/articles/h...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

You could block such websites / software, check these Articles:

How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage

http://www.symantec.com/docs/TECH97618

Configuring system lockdown

http://www.symantec.com/docs/HOWTO80848

You can also submit these suspicious files to the Symantec Security Response Team on : 

https://submit.symantec.com/websubmit/essential.cgi

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Check this Article:

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Chetan Savade's picture

Hi,

Thank you for posting in Symantec community.

Could you please share the software name? & the risk logs.

This article can be the possible solution for you.

How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage

http://www.symantec.com/docs/TECH97618

 

Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Charry Nsasi's picture

Hi All,

Thanks alot for your answers that helped me.

Best Regards.