Endpoint Protection

Hi,

    I just want to know if there is a way to exempt user mode in the policy?

HI,

Please clear your answer ?

Please check this thread as per my understanding your question

https://www-secure.symantec.com/connect/forums/need-help-sepm-firewall-policies-single-clients

Use can set the password to remove the user interferance

Securing the Symantec Endpoint Protection (SEP) client user interface and settings.

How to block a user's ability to disable Symantec Endpoint Protection on Clients

Policy is applied on groups..so it cannot exclude or include user/computer.

Hello,

I agree. Policies are applied to the groups and the SEP computers reporting to these groups.

Are these Clients installed in User Mode or Computer Mode?

If incase, they are in User Mode, try Switching a client between user mode and computer mode.

Secondly, check this Article:

Symantec Endpoint Protection 11.x and 12.1 User Mode Considerations: Client Mode Registration explained

http://www.symantec.com/docs/TECH157004

I would recommend you import active directory users and apply them to groups for this situation to work the best.

Hope that helps!!

Hi Mithun,

    Most of the clients are installed in user mode. I just want to know if there is a way to exempt a user from the applied policy. Here's the scenario. I applied application control, I blocked a certain application. And as an admin, I want to exempt myself to the said policy.

Well, that's the point of using user mode - for example if there is a particular user A that has assigned the Application control policy you speak of, and there is the administrator that does not have this policy assigned. If you log out the user A, and log in as the Administrator the policy will not apply as it is a different user.

http://www.symantec.com/docs/TECH102686

https://www-secure.symantec.com/connect/forums/computer-mode-vs-user-mode-0

...as per above articles:

User mode:
The policies change, depending on which user is logged on to the client. The policy follows the user.

Hello,

I agree with Sabestian's comment above.

Hi All,

    Is there any article that clears the issue of exempting user mode on the policy? Thanks.

Have a look at these - maybe will be helpful to you:

When does the Symantec Endpoint Protection client switch to user mode?

http://www.symantec.com/docs/TECH147033

https://www-secure.symantec.com/connect/forums/reason-clients-switching-usermode-automatically

Switching a client between user mode and computer mode

http://www.symantec.com/docs/HOWTO80734

Hi All,

I need some clarification. All of our clients are set to User Mode. We have machineA that under Group A, and that group has the policy of firefox blocking. When we login to machineA using UserA, we are unable to use firefox, and that is correct. When we try to login UserB to machineB that under Group B (without policy of firefox blocking), we are able to use firefox. When we try again to login to machineB using UserA, still we are unable to use firefox. And when we try to login to machineB using UserC, we inherit the policy of UserA. Why UserC inherit the policy of UserA, though UserC is under another group that no policy of firefox blocking?  (I hope you understand my explanation, sorry)

Thanks.