Video Screencast Help

Network Application Monitoring - Disabled at SEPM, still running on Clients

Created: 29 Mar 2013 | 11 comments


We recently upgraded to SEPM 12.1 and started installing SEP 12.1 clients on various workstations/servers.

We are now being prompted by Network Application Monitoring to allow programs access to the network.



This feature is disabled accross the board in SEPM.



Has anyone seen this issue?

Is there any solution/workaround?

Operating Systems:

Comments 11 CommentsJump to latest comment

K33's picture


You need to enable Enabled application

How to set up learned applications in the Symantec Endpoint Protection Manager


Article:TECH102994 | Created: 2007-01-29 | Updated: 2010-08-17 | Article URL


Check this how to enable

_Brian's picture

What's the exact version of SEP/M?

Are the clients in Client Mode? Could it be possible a few enabled it? How many clients are affected?

You did verify it was OFF on the Policies tab on the Clients page? Are thle clients currently connecting to the SEPM to get the latest policy?

keith.stf's picture

SEP/M: 12.1.2015.2015

All clients are in client mode, no exceptions.

All 12.1 clients are effected. 11.x clients are not.

All effected clients are connecting to SEPM and have the correct policy.



_Brian's picture

Set a client to Server Mode as a test and check it again. In Client Mode, users have full control, maybe some enabled it.

If not the case, I would suggest a support call than. Since you're on latest SEPM perhaps it is a unknown bug. I have not seen this but I'm in Server Mode. Users have no rights to do anything to SEP in my environment.

keith.stf's picture

Wait a minute!

I meant server mode, they are all in server mode.

My apologies.


_Brian's picture

Ahhh ok. Not sure than, sounds like a possible bug. Since you're on the latest SEPM version, it may be something that is not yet known.

Chetan Savade's picture


I have not seen this before could you please provide us screenshot with details?

For testing purpose can you create a new default policy to test the result?


Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

keith.stf's picture

Hi Chetan,

Thanks for looking at this.

Here is a shot of the popup we get.


Here you can see we have this feature disabled at the top level.



I have created a test group under My Company and left policy inheritance checked.

I moved my notebook to this group, confirmed the policy updated.


So far, I am unable to duplicate the issue.

Is there some other policy setting that causes these popups?

_Brian's picture

Do you have any firewall rules where the action is set to "Ask"?

I've seen this box when a rule is configured with this Action.

_Brian's picture

Unless there is some hidden setting we're all missing, I'm leaning towards a bug.