Password protect the AClient interface
Make sure your AClient interface is password-protected. I assume everybody does this.
Hide the agent icon
Agent Settings > Security > Hide Agent
Create a script or Group Policy to keep the service running
A group policy could force the system to check the status of Altiris services and start them if someone has stopped them.
Why are they disabling the AClient?
Don't ignore political or relational means. For example, why is the user disabling the AClient? We had a web developer sitting only a few desks away who would disable it because he believed it was slowing down his computer. We were able to look at it and determine that the issue wasn't the AClient at all. You may want to take this as an opportunity to explain to the user why the AClient is an important tool to keep the computer running properly.
Or does your company have a policy which covers this issue, where users are disabling a management tool? If so, you may wish to make the user aware of the policy.