Hello friends,

I need your help, i need an advice, 

so i want to make next to implement in our infrastructure:

1. To block all wi-fi connections on laptops and allow only certain wi-fi SSID

2. To block all torrent clients on endpoints

3. To block all game content running on endpoints

i need to resolve these tasks exactly with SNAC... What will be the best solution to me? Thanks in advance guys

Have you considered the Application and Control Device policies in SEP - these can block as well all that you require and may be easier to implement than with SNAC:

1.

How to block all Wireless traffic when an Ethernet interface is active using Symantec Endpoint Protection

http://www.symantec.com/docs/TECH104970

https://www-secure.symantec.com/connect/forums/blocking-unauthorized-wifi-networks

2.

https://www-secure.symantec.com/connect/articles/what-do-p2p-applications-do-and-how-block-peer-peer-applications-p2p-using-symantec-endpoin

https://www-secure.symantec.com/connect/forums/block-peer-peer-connections

3.

https://www-secure.symantec.com/connect/downloads/how-block-games

How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage

http://www.symantec.com/docs/TECH97618

Thank you very much SebastianZ, this type of solution kind of similar to me,

but i need a solution exactly by SNAC... I wil be grateful to you if you could find any article about this scenario, or generate your own solution :)

thanks

You are using SNAC with SEPM or with Enforcer?

Everything is done using the HI policy you can check the various options under the policy page

Creating and testing a Host Integrity Policy

Hi,

Please check.

http://service1.symantec.com/SUPPORT/ent-security.nsf/ppfdocs/2008052110185348?Open&dtype=corp&src=&seg=&om=1&om_out=prod

https://www-secure.symantec.com/connect/forums/how-block-all-wireless-traffic-when-ethernet-interface-active

https://www-secure.symantec.com/connect/forums/blocking-wireless-and-network-dial-traffic-when-ethernet-interface-active

Well application execution is not exactly what SNAC is meant for - some reference:

http://service1.symantec.com/support/ent-security.nsf/docid/2007090400355348?Open&seg=ent

https://www-secure.symantec.com/connect/forums/what-symantec-network-access-control-client

The Symantec Network Access Control client evaluates whether a computer is properly protected and compliant before it is allowed to connect to the corporate network.

The Symantec Network Access Control client validates and enforces policy compliance for the computers that try to connect to the network. This validation and enforcement process begins before the computer connects to the network and continues throughout the duration of the connection.

However.... under the Host Integrity templates -> HI Sample Toolkits you should be able to find one template for termination of applications with certain fingerprint - maybe this can help you a bit. Still searching if I can find any other preconfigured templates...

1. HI / SEP Firewall

2. HI/Firewall/IPS

3. you would need tofind what games you want to block, There is no technology to search and block games installed or standalone.(portable exe's, scr files, DOCX or  XLSX embedded games, flash games etc. )