Hello,
We have been using SEPM 12 and have set the policies to not allow users to disable the SEP client using the instructions found here:
https://support.symantec.com/en_US/article.TECH168...
With the policies set as found in the link above, when the users right-click on the taskbar SEP icon, the option to 'Disable Symantec Endpoint Protection' is greyed out and cannot be chosen.
We have upgraded our SEPM to version 14 and have deployed the SEP 14 client to our test group. Now if one right-clicks on the taskbar SEP icon, the option 'Disable Symantec Endpoint Protection' is no longer greyed out. After doing some digging in the policies, it looks like there is a new setting found at:
Clients -> Policies -> Intrusion Prevention Policy -> Generic Exploit Mitigation -> Enable Generic Exploit Mitigation
that must be enabled otherwise, it will allow for portions of the SEP client to be disabled.
But even with that setting in place, the option to disable SEP in the taskbar icon is still not greyed out. Is this expected behavior, or are there other settings that need to be adjusted in order to prevent users from disabling the SEP client?
Thanks.
Gilbert