Hi,
Thank you for posting in Symantec community.
Tamper Protection provides real-time protection for Symantec applications that run on servers and clients. It prevents threats and security risks from tampering with Symantec resources. You can enable or disable Tamper Protection. You can also configure the action that Tamper Protection takes when it detects a tampering attempt on the Symantec resources in your network.
Typically you should keep Tamper Protection enabled.
You might want to disable Tamper Protection temporarily if you get many false positive detections. You can create exceptions for false positive detections.
For example, some third-party applications might make the changes that inadvertently try to modify Symantec settings or processes. If you are sure that an application is safe, you can create a Tamper Protection exception for the application.
See Changing Tamper Protection settings