Endpoint Protection

I have set the settings for stopping the Endpoint Protection service in my group to require a password. But after updating the policy at the client I can still go to my services.msc and stop/disable the service.

If I set a password to open the client that does work. We are running 11.0.4202.75. What gives?

Have you followed this document.

How to block user's ability to disable Symantec Endpoint Protection on Clients

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110514540148

please check these discussions.

https://www-secure.symantec.com/connect/forums/sep-client-disable

the option what you set for password is for Symantec management service but not for symantec endpoint protection service, this option is still under progress.

http://www.symantec.com/connect/idea/require-password-stop-symantec-endpoint-protection-service

You won't need password for Stopping Symantec Endpoint Protection srvice but you will need for Symantec Management Client service ( smc -stop will ask you password ) 

I hope they fix this soon. This is a major flaw in the program. I have configured my firewall with rules so that one of my groups cannot access the internet. This group needs local admin rights. So anyone one of those users with a little tech knowledge can simply stop the symantec endpoint service then access the internet. I am very disappointed, its an easy backdoor way to by Endpoint security.

 Symantec Endpoint Protection service is only for Antivirus and Antispyware and PTP Scan feature.

You firewall Rules will still work even if this service is stopped ( symantec endpoint protection service = rtvscan.exe)

Few users would just install AV and AS in there network
It would be good if they add this feature very soon :) 

You will find that even with the service stopped SEP is actually still running.
Try stopping the service and then dropping an eicar test file onto the machine and see what happens.

Z