Hello,
Tamper Protection is still not available for 64 bit OS And the current version is 11.0.6300.xx Ru6MP3 and I think its not there even in the next release of 11.0.7000
http://www.symantec.com/business/support/index?page=content&id=TECH105052&locale=en_US
Again, The migration process does not alter the default legacy server settings. For versions prior to 12.1 and later than 11.0.6, the default Tamper Protection setting is to only log the event. Because the migrated policy settings are retained, the new policy defaults to only log the event.
Solution
After migrating to 12.1, change the Tamper Protection policy setting to "Block it and log the event". For information about changing this setting, see the Symantec Endpoint Protection and Symantec Network Access Control Implementation Guide or the in-product help.
You can also work on these steps:
- Log on to the Symantec Endpoint Protection Manager console with an administrator account.
- If you already have an Exceptions policy, proceed to step 3. Otherwise:
- Click Policies, then Exceptions.
- Click Add an Exceptions policy.
- Give the policy a suitable name, then click OK.
- Click Yes at the Assign Policy prompt.
- Place a checkmark next to the group(s) with your Citrix server(s).
- Click Assign finish assigning the policy.
- Click Monitors, then click the Logs tab.
- In Log Type, select Application and Device Control.
- In Log Content, select Application Control.
- Click Advanced Settings >>.
- In Event Type, select Tamper Protection.
- If necessary, change the Time range to a range that includes the last Tamper Protection event.
- Click View Log, you will be shown a list of Tamper Protection Violations.
- Select an appropriate violation and, at the top of the window, choose Add Process to Exception Policy, then click Start.
- Confirm the file to be excluded is correct.
- Click Policies, then Exceptions.
- Select all the Exceptions policies you wish to add the exception to.
- Click OK to complete the process.
- If you receive a message from your browser about closing the window, click Yes.
- Click Policies, then Centralized Exceptions.
- Double-click the Centralized Exception policy you added the new exception to. The policy will open.
- On the left-hand side, click Centralized Exceptions and confirm the file is listed and has an Action of Ignore.