Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

How to disable 'Disable Symantec Endpoint Protection' Option from Right-click menu

Created: 27 Nov 2008 • Updated: 21 May 2010 | 7 comments
This issue has been solved. See solution.

Hello,

 

I am trying to disable the 'Disable Symantec Endpoint Protection' Option from Right-click menu on SEPM clients through EndPoint Manager Console Settings, but it seems that I am not able to find right optionfor this purpose.

 

Can somebody guide me step-by-step, how to do this.

 

Comments 7 CommentsJump to latest comment

Lissome's picture

On the left of some checkbox in policy settings in SEPM must be icon of the lock. If icon is unlocked lock it means user can change this setting in SEP. If you click on that icon it will became locked and user will cannot change this setting. So find setting "Enable real-time auto-protect" (i am not quite sure about name cause my test SEPM is down now) and lock it.

StefanM's picture

For Auto-Protect: 

 

- in Policies, double click the Antivirus and Antispyware policy you are using (on the right side)

- go to File Syste Auto-Protect

- there is an icon left of the "Enable File System Auto-Protect" check box. Click on that icon. It will change from am open lock top a closed lock

 

Protect against shut down etc:

- in Clients, go to Policies, then to General Settings, then to Security Settings. Enter passwords for the actions you want

- in General settings, check Tamper protection; check the check boxes and click the locks as desired

 - in Clients/Policies, go to Location specific Settings. There you find User interface control settings

- choose Mixed mode and set the options as desired

 

Hope that includes the settings you were searching for.

 

edit: one thing that may be disturbing: as long as you have ONE option installed that may be disabled, you have that right click option to disable "all". But it does not disable all, if you test it. I have the firewall on on one system, and there I can "disable SEP".. but it only disables the firewall module.

 

Message Edited by StefanM on 11-28-2008 07:58 AM
Dr. Watson's picture

To make it more simple ... Here's a step by steps guide for the same

 

How to block user's ability to disable Symantec Endpoint Protection on Clients

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/a6cb8ede617a1bda8825738a007dcb63?OpenDocument

 

 

cheeeers ... :) 

 

 

 

SPIPA's picture

Thanks. The solution provided worked perfectly, and solved my problem.

Thanks again.

 

SOLUTION
FloDiggs's picture

Is there a way to require a password to disable SEP?  I'd like to start blocking USB drives on the endpoints, but allow my techs to disable the block if they need to use thumb drive.    Any way to make this happen?

Dr. Watson's picture

I dont believe that its the right way to allow techs to disable SEP..

 

Good idea here is to create a different group for IT Admins and do not apply the USB blobk rule for them...

 

There is no way to set a password to disable SEP...  There is one to disable he smc service which should not help here as the USB poilcy would still be active in that case...

 

 

cheeeeers .... :)