Ok,
So what I want to do is prevent users from being able to make any changes on the client side. THey shouldn't be able to shut off Antivirus, run scans, run live update, specifically use the change setting button, etc.. Then as I push the cleint out to the rest of the PC's I can decide what I need to put back on if anything by department.
I was able to grey out Live update easily under policies > Live Update > and editing the default policy
This forces them to get updates when I want to push them to them after testing.
The rest of the options are a total pain to find to deny button clicking (grey out) options - WHY?
I searched around on here in the forums and the software help. The best info I found was messing with the locks under Policies > Antivirus and AntiSpyware. That did a whole lot of nothing to lock any kind of user access abilities. Personally I didn't a thing change but whatever.
I was able to grey out the option "Disable Network Threat Protection"
Found in : Clients > selected the users OU I am pulling from AD > Policies > Location-Specific settings > Client User Interface Control Settings :
I switch to mixed control
Customized mixed control and moved everything to server on Client/Server Control Settings
On the Client User Interface Setting I unchecked - Allow users to enable and disable Network Threat Protection. (This greyed out option for users to change)
Can enyone tell me where to find the rest of these disable settings, seem to me they could have put the together in the first place but that would make to much sense!
I would be looking for detailed paths to turn them off or a link to quality documentation!
Thanks
FYI - why is there only a product selection below for small business edition of end point or end point protection (antivirus)???? I am using EndPoint protection 11, no notes of it being small business.