Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

SEP 12.1.2 IPS not installed but IE and FF add-on is enabled

Created: 25 Jan 2013 | 2 comments

We have just deployed the 12.1.2 server update and client update and I created a new package to send to all endpoints.  In the package I included the firewall but not the Intrusion Prevention.  Does this mean that even though the IPS is not installed for the clients the add-on is still on the machines?  Is it part of the Network Threat Protection or just the IPS?  When I look at the protection technology on all clients in the management console it show that the intrusion prevention for IE and FF is not installed but yet the add-on is installed for all clients anyway and IE9 asks to enable/disable the add-on.  

Is this what was supposed to happen even without the IPS installed and only the Firewall installed?  If it is part of the Network Threat Protection and I create a new IPS policy, can the add-on be enabled by default without user intervention?  

Comments 2 CommentsJump to latest comment

Brɨan's picture

Yes it is separate from IPS component.You can disable from within the IPS policy. See here for all the info:

Expected behavior of Browser Intrusion Prevention

padding: 1px;padding-bottom: 3px ;font: 12px Arial; text-align: left;color: #666666; background-color:#f2f2f2">Article:TECH172174 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2;"> |  padding: 0px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2;">Created: 2011-10-19 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2"> |  padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2">Updated: 2012-11-14 padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2"> |  padding: 1px;font: 12px Arial; text-align: left;color: #666666;background-color:#f2f2f2">Article URL

Note that disabling the Browser Intrusion Prevention by policy in this manner does not actually disable the add-on within the the browser.  Instead what occurs is that the add-on enters, essentially, a passthrough mode in which it should perform no filtering.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

You can deselect the browser intrusion prevention from the IPS policy assigned to that client - the addon though still will be visible in the browser - now working only in pass-through mode and allowing everything.

The is currently no way of deselecting it from install package - as it would require disabling other features.

Alternatively you should be able to disable the addons as well from the level of the Browser itself.