Endpoint Protection

 View Only

  • 1.  How to block a user's ability to disable Symantec Endpoint Protection on Clients

    Posted Aug 31, 2011 02:28 AM

    Hi All,

     

    I have a problem with my newly deployed SEP 12.1 clients. I want to block the user's ability to disable SEP on client, but i couldnt.

    I followed everything it says here on this webpage:http://www.symantec.com/business/support/index?page=content&id=TECH102822&locale=en_US,

    but its still the same. 

    I have a total of 630 SEP clients. Around 60 are already SEP 12.1, the rest are still version 11.0.5002.333.

    The 570 client PCs are okay - the user's cannot disable the SEP client("Disable Symantec Enpoint Protection" option is not highlighted), but for the 60 PCs, it isn't.

     

    Any ideas regarding this matter? 

     

    Thank you.

    Geneviere

     

     

     



  • 2.  RE: How to block a user's ability to disable Symantec Endpoint Protection on Clients



  • 3.  RE: How to block a user's ability to disable Symantec Endpoint Protection on Clients
    Best Answer

    Trusted Advisor
    Posted Aug 31, 2011 11:12 AM

    Hello,

     

    You can determine the level of interaction that you want users to have on the Symantec Endpoint Protection client. Choose which features are available for users to configure. For example, you can control the number of notifications that appear and limit users' ability to create firewall rules and virus and spyware scans. You can also give users full access to the user interface.

    The features that users can customize for the user interface are called managed settings. The user does not have access to all the client features, such as password protection.

    To determine the level of user interaction, you can customize the user interface in the following ways:

    • For virus and spyware settings, you can lock or unlock the settings.

    • For firewall settings, intrusion prevention settings, and for some client user interface settings, you can set the user control level and configure the associated settings.

    • You can password-protect the client.

     

    To password-protect the client

    1. In the console, click Clients.

    2. Under Clients, select the group for which you want to set up password protection.

    3. On the Policies tab, under Location-independent Policies and Settings, click General Settings.

    4. Click Security Settings.

    5. On the Security Settings tab, choose any of the following check boxes:

      • Require a password to open the client user interface

      • Require a password to stop the client service

      •  Require a password to import or export a policy

      • Require a password to uninstall the client

    6. In the Password text box, type the password.

      The password is limited to 15 characters or less.

    7. In the Confirm password text box, type the password again.

    8. Click OK.

     

     

     

    Check this Article which may helps you with all the Information you are looking for:

    How do you lock down SEP client interface so that end users cannot disable components or modify settings.

    http://www.symantec.com/docs/TECH136678

    How to block a user's ability to disable Symantec Endpoint Protection on Clients

    http://www.symantec.com/docs/TECH102822

    How to restrict users from making configuration changes to the Symantec Endpoint Protection client.

    http://www.symantec.com/docs/TECH102370

    Hope this helps!!!



  • 4.  RE: How to block a user's ability to disable Symantec Endpoint Protection on Clients

    Posted Aug 31, 2011 08:36 PM

    Hi,

    I followed the link you gave me and found a solution posted by Paul.

    Thanks. It was helpful. 

     

    Regards,

    Geneviere



  • 5.  RE: How to block a user's ability to disable Symantec Endpoint Protection on Clients

    Posted Aug 31, 2011 08:40 PM

    Hi,

    Thanks this was really helpful.

     

    Regards,

    Geneviere