Endpoint Protection

How to diasble the modifciation of service "Disaply Name - Symantec Management Client" and "Service Name - SMCSERVICE"

Below are the step

1. In the console, click Clients.
2. Under View Clients, select the group for which you want to set up password protection.
3. On the Policies tab, Policies and Settings, click General Settings.
4. Click Tamper Protection.

5. On the Tamper Protection tab, Check the "Protect Symantec security software from being tampered with or shutdown"

6. Then Ok.

Apply the same policy on that group where you required.

Hope it come help you
 

Make sure tamper protection is enabled.

You can also set a password on the client(s):

Additionally, you can create and application and device control policy to block changes to files/folders on the SEP clients.

Hello,

I totally agree with Robin and Bryan's comment.

In your case, you could Enable and Lock the Tamper Protection feature and perform the steps provided in these articles below:

Password-protecting the Symantec Endpoint Protection client and services.

http://www.symantec.com/docs/HOWTO55487

How do you lock down SEP client interface so that end users cannot disable components or modify settings.

http://www.symantec.com/docs/TECH136678

How to block a user's ability to disable Symantec Endpoint Protection on Clients

http://www.symantec.com/docs/TECH102822

How to restrict users from making configuration changes to the Symantec Endpoint Protection client.

http://www.symantec.com/docs/TECH102370

Again, Check this Thread:

https://www-secure.symantec.com/connect/forums/how-do-i-temporary-enable-users-ability-disable-symantec-endpoint-protection-clients

Hope that helps!!

Helpful Inofrmation. :)