Endpoint Protection

Hey Guys,

We have removed the Disable Symantec End Point Protection from the Icon in the Task bar (As here http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110514540148)

This is fine if the user is not a local admin. However in our environment users are local admins. How can we Gray this out or remove it from the SEP Client?


Thanks
Skip

To to that go to the policy ..
- Click on general setting..
- go to Security setting..
- Check the first option.

Hope this helps..

Thanks Saeed,

However we want users to be able to open up the Client and navigate around


Thanks
Skip

Dear Skippy

Ur query is quite confussing to me. the post and the comment seems to me differen. Could u plese elaborate what exactly u want to perform??
I guess u donot want the managed clients to dissable the SEP, is that so???

Then go to the policy tab & edit the  Anitvirus and Antisyware policy & click on the lock next to each tab this disable the user to change any setting it will gray out at the client end.

First Step:
Note: This is the basic step for turning off the option to "Disable Symantec Endpoint Protection" from the client:
Open the Symantec Endpoint Protection Manager.
Click on the Policies tab on the far left side.
Under View Policies in the middle column highlight Antivirus and Antispyware.
Highlight your current policy on the right side under Antivirus and Antispyware Policies, if needed create a new policy and highlight.
From under the Tasks menu in the middle column select Edit the Policy, and a new window will open.
Take note of the menu in the upper left corner of the new window.
Navigate through every link in the menu and look for the paddle lock symbols.
Every paddle lock symbol will need to be locked. To do so click on the lock and it will go from an unlocked state to a locked state.
This must be done in every link, and from within every tab from within the link.

Second Step:
Note: Although not required this step will keep Network Threat Protection from being turned off at the client:
Open the Symantec Endpoint Protection Manager.
Click on the Clients tab on the far left side.
Click on the Policies tab in the upper right window.
Click on Location-specific Settings.
Select Server Control and a new window will open.
Make sure Server Control is selected, and click the Customize button next to it. A new window will open after that.
Uncheck "Allow Users to Enable and Disable Network Threat Protection"

Hi Ajitjha,

We do not want the users to be able to disable SEP from the taskbar. I have followed this guide http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110514540148 and it works fine for users that are not in the local administrators group. However the above link doesn’t work with local administrators, all of our users are local administrators.

Saeed’s advice does remove the option for any user to disable SEP, however it also prompts for a password when the user wants to open up the SEP UI, which we don’t want.

Does this help?

Ok

Follow these steps:

1. Log in to the SEPM
2. Click the the client tab
3. Select the Group and click policy
5. Uncheck the policy inheritance
6. Expand the Location-specific settings.
7.Click Server Control
8.Select server control and click customize.
9.Un check Allow users to Enable and disable Network Threat protection.
10.Click Ok

U r done with that,,  jsut update the policies

To cofirm that the client has received the policy:

you should check the policy serial number in the client interface Help & Support->Troubleshooting page.

Compare the last three digits with the policy serial number from SEPM,  details page after highlighting the group in clients tab.

Cheers,
Aniket

Hi Skippy... We had the same issue...
Local admins has rights to disable apps or stop services...
Here was the link we had a few weeks earlier...

https://www-secure.symantec.com/connect/forums/how-block-users-ability-disable-symantec-endpoint-protection-clients

If you already have resolution, please append it..
thanks...