Endpoint Protection

Hi,

I am implementing system lockdown in my environment which consist of 14 workstations. All the workstations has the same images.

I run a fingerprint scan on one of the workstation using checksum.exe and add in to my SEP manager, i turn on system lockdown in test mode using the list of fingerprints i have scanned from that particular workstation.

I click on the view unapproved application button, and discovered that there is a lot of unapproved applications. I tried to run another fingerscan on another workstation which has the list of unapproved applications and compare it with the existing list.

it appears that they have the same fingerprint but seems like SEP is not able to recognise it. I have also tried adding in the files that are being block to the list manually by stating the path, but i'm still getting the same result.

Please advice how can i get my system lockdown to work properly.

Thanks

i assume you may have undergone these links, if not check '

About system lockdown
http://www.symantec.com/business/support/index?page=content&id=HOWTO27322

Configuring system lockdown
http://www.symantec.com/business/support/index?page=content&id=HOWTO55130

Running system lockdown in test mode
http://symantec.com/docs/HOWTO55131

Enabling system lockdown to block unapproved applications
http://symantec.com/docs/HOWTO55132

System lockdown prerequisites
http://symantec.com/docs/HOWTO27321

Setting up system lockdown
http://symantec.com/docs/HOWTO27320

Hello,

I would also suggest you to check these Articles, since you have machines carrying same images.

1) How to prepare a Symantec Endpoint Protection 12.1 client for cloning (image)

http://www.symantec.com/docs/HOWTO54706

2) How to repair duplicate IDs on cloned Symantec Endpoint Protection 12.1

http://www.symantec.com/docs/TECH163349 

3) Configuring system lockdown

http://www.symantec.com/docs/HOWTO55130

Hope that helps!!