SNAC/SEP Client - how to enable or disable FW and AV from command line (CLI)?
Hi all,
With SNAC Enforcers (LAN and Gateway) we can do a lot of very nice
things, for example we can check that there is a firewall or antivirus on a
client...
for other vendors it depends, but when we check that there is a SEP/SNAC
client... we can also check and start FW and AV... using command line
so the question is...
how to start AV or FW (Network Threat Protection) on SEP/SNAC Client
from command line (CLI)?
of course "smc -start" doesn't solve the problem, I need to start FW or
AV, not the SEP engine itself.
so does anybody know how to do it?
kind Regards and thanks for help
Dawid Fusek
IT Security Consultant
COMP SA
SMC-stop, should do the trick
SMC-stop n Start , should do the trick to stop n start the complete SEP Package
AFAIK, If you want to disable individual components, you can use the settings of each component.
If you stop Symantec Endpoint protection service, then AV will be stopped
Coz All the components are interlinked with SMC Process.

yep, it's part of a workaround, but for a while we disable all security features on the client, which is not a very secure solution for me.
But it is a workaround; if you know any command line to start some feature only (like AV or FW), gimme an info,
thanks
Dave
kind regards
Dawid Fusek
IT Security Consultant &
Virtual Infrastructure Designer
COMP SA
Are you looking for such a document?
This document will give you some MSI command line options which help you for installing SEP with certain features
MSI command line reference for Symantec Endpoint Protection 11.0
it's a nice document AravindKM but it does not refer to my question/problem,
I need to check that SEP with SNAC firewall and antivirus is running and if not start it separately or both (for example to start only AV if it is not running or to start only FW if it is not running).
this doc is rather useful for deploying or modifying SEP/SNAC installations, it's useful but I need something to enable (start) SEP firewall or antivirus, probably from command line (maybe there is another way to do it?)
reg
Dave
kind regards
Dawid Fusek
IT Security Consultant &
Virtual Infrastructure Designer
COMP SA
For disabling NTP from SEPM console
1. In the console, click Clients, and then under View Clients, select the group that includes computers for which you want to enable/disable NTP.
2. In the right pane, select the Clients tab.
3. Do one of the following actions:
■ In the left pane, under View Clients, right-click the group for which you want to enable Auto-Protect.
■ In the right pane, on the Clients tab, select the computers and users for which you want to enable Auto-Protect, and then right-click the selection.
4. Click one of the following commands:
■ Run Command on Group > Enable Network threat protection
■ Run Command on Clients > Enable Network threat protection
Same way you can disable it also
More information regarding command line options you can find in Appendix A of the admin guide.
I hope this is what u are expecting, u can use the following in cmd prompt
I hope you have not enabled Password requirement to do the same.
I think by stopping SMC alone, AV will still function. (u can test by using eicar)
smc -stop
If you want to stop AV alone then use
net stop "symantec Antivirus"
CLI means command line interface/interpreter
so AravindKM, I need a solution using command line commands, not commands via SEPM Console :)
Acertian, which version of SEP did U test? in MR5 and probably MR4 there is no Symantec AntiVirus Service (there is a service Symantec Endpoint Protection)... and there is no single service for Network Threat Protection (I don't know of such one),
so we have a situation where we just can't start a service for FW (NTProt) and AV (if the service called Symantec Endpoint Protection is started) AV can be disabled (theoretically, in fact I never tested that it is truly disabled :P)
list of services in SEP Agent MR5 (5003):
1. Symantec Endpoint Protection (formerly Symantec AntiVirus)
2. Symantec Event Manager (formerly ccEvtMgr)
3. Symantec Management Client (formerly SmcService)
4. Symantec Network Access Control (formerly SNAC)
5. Symantec Settings Manager (formerly ccSetMgr)
my question was...
how to start AV Engine or FW (NTProt) Engine in SEP separately from command line commands, so how to convert to commands actions like this:
1. on SEP Agent GUI U click on Antivirus Protection Options and choose Enable Antivirus and Antispyware Protection
2. on SEP Agent GUI U click on Network Threat Protection Options and choose Enable Network Threat Protection
slowly I'm going to believe that there is no such command that can be sent via cli...
regards
Dave
kind regards
Dawid Fusek
IT Security Consultant &
Virtual Infrastructure Designer
COMP SA
For your Firewall and AV (file system autoprotect) just create a script to change these reg values.
In the registry, check the value at HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\SMC\smc_engine_status. If it's 0 (zero) NTP is disabled, if it's 1 (one) NTP is enabled.
File System Auto-Protect
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan
OnOff: 1 means enabled, 0 means disabled
I tested this in MR4
In that case try using Net Stop "Symantec Endpoint Protection" to stop AV alone and check the same. I'm not sure though, I'll try to upgrade and check
Net Stop "Symantec Antivirus" will stop SEP service
For the firewall, the Teefer2 Miniport service is responsible, but it does not accept the stop or pause command; it only accepts the Start command.
So for the firewall
Try this
to turn off
to turn it back ON...
Vikram Kumar,
good to know these 2 values, but...
did You test it?
I changed smc_engine_status from regedit... waited 5 mins... nothing happens :( it's just a value that the service/application writes, but it looks like nothing checks this value while it's running, so no changes are made until U do "smc -stop" and then "smc -start", but as I said before I don't want to:
- do smc -stop on clients
- do it as a script on clients
- I have customers with a lot of clients... (5000+)
so it's not a solution Vikram, hmm, but there has to be a possibility to do the same command as SEPM Console does to a client when an admin clicks on a client and sends a command to enable or disable NTProt or AVProt, hmm, but how? it's a command, but maybe not a command line command??
kind regards
Dave
kind regards
Dawid Fusek
IT Security Consultant &
Virtual Infrastructure Designer
COMP SA
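A read-only status check built from the registry values and service display names posted in this thread, as an added example that is not part of any post and not Symantec's own tooling. It only reports state and writes nothing, since the post above found that editing smc_engine_status has no effect without an smc restart; looking in both the 64-bit and 32-bit registry views is an assumption for 64-bit Windows.

```powershell
# Added example: report SEP component state on the local machine (read-only).
# Registry paths, value names and service display names come from the thread;
# probing the 32-bit registry view as well is an assumption for 64-bit Windows.
function Get-SepRegValue {
    param([string]$SubKey, [string]$Name)
    foreach ($view in 'Registry64', 'Registry32') {
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine,
            [Microsoft.Win32.RegistryView]$view)
        try {
            $key = $base.OpenSubKey($SubKey)      # opened read-only by default
            if ($key) {
                $value = $key.GetValue($Name)
                $key.Close()
                if ($null -ne $value) { return $value }
            }
        } finally { $base.Close() }
    }
    return $null                                  # key or value absent in both views
}

function ConvertTo-State($v) {
    if ($null -eq $v) { 'Unknown' } elseif ([int]$v -eq 1) { 'Enabled' } else { 'Disabled' }
}

$root = 'SOFTWARE\Symantec\Symantec Endpoint Protection'
$ntp  = Get-SepRegValue "$root\SMC" 'smc_engine_status'
$ap   = Get-SepRegValue "$root\AV\Storages\Filesystem\RealTimeScan" 'OnOff'

# Service state for the two services the thread ties to AV and to SMC.
$services = foreach ($name in 'Symantec Endpoint Protection', 'Symantec Management Client') {
    $svc = Get-Service -DisplayName $name -ErrorAction SilentlyContinue
    $status = if ($svc) { $svc.Status } else { 'NotInstalled' }
    "$name=$status"
}

$report = [pscustomobject]@{
    Computer                = $env:COMPUTERNAME
    NetworkThreatProtection = ConvertTo-State $ntp
    FileSystemAutoProtect   = ConvertTo-State $ap
    Services                = $services -join '; '
}
$report

# Non-zero exit code lets a scheduler or monitoring agent flag the client.
if ($report.NetworkThreatProtection -ne 'Enabled' -or
    $report.FileSystemAutoProtect -ne 'Enabled') { exit 1 }
```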