Prepare Windows Vista, Windows Server 2008, or Windows 7 computers: Windows User Access Control blocks local administrative accounts from remotely accessing remote administrative shares such as C$ and Admin$. You do not need to fully disable User Account Control on the client computers during the remote deployment if you disable the registry key LocalAccountTokenFilterPolicy. For more information, see the following Microsoft Knowledge Base article: http://support.microsoft.com/kb/951016
If the Windows client computer is part of an Active Directory domain, you should use domain administrator account credentials for Remote Push.
In addition, perform the following tasks:
- Disable the Windows Firewall, or configure the firewall to allow the required traffic.
- Disable the Sharing Wizard.
- Enable network discovery by using the Network and Sharing Center.
- Enable the built-in administrator account and assign a password to the account.
- Verify that the account has administrator privileges.
- Disable or remove Windows Defender
Steps to prepare computers to install Symantec Endpoint Protection 12.1.x client
Upgrade clients to SEP 12.1 by Auto upgrade feature
http://www.symantec.com/connect/articles/upgrade-clients-sep-121-auto-upgrade-feature