I have not resolved my issue as there
is no way to resolve this issue presently. What i need is for SEP to monitor the status
and the startup type of the Symantec Endpoint Protection service. Currently if I stop the service, tamper protection will restart it, as expected. This is good. But if one of my users, who is a local admin, changes the startup type to disabled and reboots, tamper protection will not change the startup type back to automatic and start the service. SEP stays disabled.
I would expect it to do this.