I'm currently doing a test pilot (about 10 Vista and Win7 32-bit PCs). All upgraded from 11 version to the latest 12.1 via push deploy. I check management console once per day and almost every day i see reports about some components disabled at various machines (usually Download Insight, sometimes SONAR and other stuff). I'm afraid to deploy it to all 220 PCs as it will flood me with such alerts. Should i ignore this and this is "normal"? Usually after some times such alerts disappear, but as i'm responsible for this system i MUST check every problem and make sure everything is working. There is no other security software on the PCs and 11 version didn't had such troubles. Should i disable browser plugin? Can i do it from the management console for all the machines?

check this document

Error: "Download Insight is disabled" on a managed Symantec Endpoint Protection 12.1 client

Hello,

What version of SEP 12.1 are you testing??

Is the Tamper Protection disabled for the SEP clients?

1. Enable the Feature in question.
2. For Tamper Protection: Login to the SEPM > Clients > Select the client group for the clients affected >  Policies tab > Settings > General Settings > Tamper Protection tab > Select "Protect Symantec security software from being tampered with or shut down"
3. As the SEP clients check in (Per Heartbeat) they will get this changed setting and enable Tamper Protection. Check the SEPM Endpoint Status after 1 heartbeat.
4. Follow the steps provided in the Articles below:

• How do you lock down SEP client interface so that end users cannot disable components or modify settings. http://www.symantec.com/docs/TECH136678
• How to block a user's ability to disable Symantec Endpoint Protection on Clients http://www.symantec.com/docs/TECH102822
• How to restrict users from making configuration changes to the Symantec Endpoint Protection client. http://www.symantec.com/docs/TECH102370

Hope that helps!!

Do you have all components enabled in the policies?

Were the machines rebooted after the upgrade from 11.x to 12.1 - during this installation upgrade is normally required and until this is done - some of the components will be disabled.

Download Insight is enabled in the policy.

I'm testing with 12.1.2015.2015. SEPM has been also updated from 11 to this 12.1 version and packages were exported for a deployment (Full protection for clients).

Tamper protection is enabled in the policy.

I have everything enabled in the policy except for Lotus Notes Auto-Protect as we don't use Lotus.

Machines were rebooted after the upgrade and many times, since upgrade was done few weeks ago and machines are turned off daily.

Any ideas? I have noticed, that if i check the console late in the day and not in the morning, then there is less such messages. It seems that it updates over the time, but at first i get messages about components disabled or out-of-date.

I have tried to disable Download Insight policy for the testing group. Doesn't change anything. Still getting notifications about out-of-date Download protection content (though it should only notify about 10 days old content).

Same here as well - running SEP 12 RU2.Showing disabled - but after a heartbeat or reboot of the machine/server it comes right..is it a bug?

Don't know yet. I have opened a case and now investigating this with a support technician.