Endpoint Protection

 View Only

  • 1.  SEPM 12.1.RU4

    Posted May 15, 2014 02:39 AM

    Hi Team,

     

    I am using SEPM 12.1.Ru4, its showing NAC feature on SEP client. But i am not using NAC license i want to remove it from SEP client. What steps we need to follow to remove it. 



  • 2.  RE: SEPM 12.1.RU4

    Posted May 15, 2014 03:04 AM
    Removed SNAC Components in SEP client : Removing SNAC from a client http://www.symantec.com /docs/TECH144458 How to remove the Symantec Network Access Control (SNAC) module from both Symantec Endpoint Protection (SEP) Manager and Client http://www.symantec.com /docs/HOWTO44392 How to manually uninstall Symantec Network Access Control client 12.1 from Windows Vista, Windows 7, and Windows 2008 32 and 64 bit Operating Systems http://www.symantec.com /docs/HOWTO55826


  • 3.  RE: SEPM 12.1.RU4

    Trusted Advisor
    Posted May 15, 2014 03:13 AM

    Hello,

    I am assuming you are not using a Trial version.

    However, here are the steps:

    1. Open Windows Service Manager: Click on the Start button, and ClickRun..., input "services.msc", then click the Enter button to open Services.

    2. Stop the Symantec Endpoint Protection Manager and Symantec Endpoint Protection Manager Webserver services
     
    3. Navigate to the license folder, by default, it is "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\license" for 32-bit and "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\license" for 64-bit.
     
    4. Move or delete the file "SNAC.xml".
     
    5. Re-start the SEPM services.
     
    6. Log onto the SEPM and confirm that Host Integrity is not showing under Policies.
     
    7. Go to the Client and right click the SEP icon in the system notify area, and select "Update Policy".
     
    8. After the policy updates (The serdef.dat file was updated on the SEP client), reboot the client operating system.
     
    The SNAC module shouldn't be displayed on the client user interface (UI), and the SNAC service will be disabled.
     
     
    Additionally:
    If you need to re-enable SNAC in your environment, please follow above procedure and move the "SNAC.xml" back to the license folder in step 4.

    Check this Article:

    How to remove the Symantec Network Access Control (SNAC) module from both Symantec Endpoint Protection (SEP) Manager and Client

    http://www.symantec.com/docs/HOWTO44392

    Regards,


  • 4.  RE: SEPM 12.1.RU4

    Broadcom Employee
    Posted May 15, 2014 09:53 AM

    Hi,

    Thank you for posting in Symantec community.

    How it's possible though you haven't purchased the SNAC license but you could install SEPM with SNAC.

    I would request you to check with license team. In case you have purchased it's strongly recommended to use SNAC feature. It provides add on security.

    Website: http://symantec.custhelp.com
    Phone number: 1-800-721-3934
    Email: license@symantec.com

    Contact Us

    http://www.symantec.com/partners/support/contact-us.jsp

    Assistant & Information

    http://www.symantec.com/support/assistance_information.jsp

     



  • 5.  RE: SEPM 12.1.RU4

    Posted May 15, 2014 03:40 PM

    Chetan I had the same question, but I wonder if it's a language difference, or terminology difference.

    Is it possible they purchased, received and installed SNAC and license, but then found they were not using it, will not use it and want to remove it?

    I figure if you own it, it's installed, it's easier to leave it in place as it really does nothing until or unless you create some sort of policy and apply it. At least that's how I view it. I noticed no difference in performance when I finally applied simple HI policies to SNAC/SEP. I DO plan on using it eventually, it's just that it's complicated to really get it fully in place. But for now I really really find the host integrity part quite handy and useful! I've got it making registry fixes and changes, locking things down using the registry or scripts, alerting us if SCCM isn't present or "started/running" and so on. It's amazing what it can do and I'd love to learn more about it and that incredible power it has even if not used to block network access.
    I hope Symantec expands it and keeps it around as a big part of SEP. The power of SEP/SNAC together is great.