Document ID:2007121007424548 Last Modified:04/07/2009

Symantec Endpoint Protection: How to remove Network Threat Protection and Email Tools through the Symantec Endpoint Protection Manager.

Situation:

The Symantec firewall (Network Threat Protection) is blocking communications, and disabling it is insufficient.

Solution:

If a computer, especially the server, has an unmanaged client installation of Symantec Endpoint Protection, change its installation to a managed client by using the following document: "Manually making an unmanaged Symantec Endpoint Protection client, managed." at URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007082009543848 If there is no pre-existing firewall on the network, configure the Firewall Rules in the Endpoint Protection Manager. For testing, use Rule 9: Allow All, by moving it up to the top Checking communications status Then move it down one rule at a time Applying the policy Checking communications. When communications become blocked, the rule immediately above "Allow All" will need to be configured. If there is a pre-existing firewall, or if difficulties persist even when the "Allow All" rule has been promoted to the top, proceed with the below: Create and apply an Install Package with only AntiVirus and AntiSpyware, in the Symantec Endpoint Protection Manager. Part I - Create a custom feature set Select the Admin view. Click Install Packages. Select View Install Packages, click Client Install Feature Sets. Select Tasks, click Add Client Install Feature Set.. Type Only AV No Email in the Name box. Uncheck all except AntiVirus and AntiSpyware at the top. Click OK. You should see "Only AntiVirus No Email" listed under "Client Install Feature Sets", default. Part II - Assign and deploy the custom feature set Click the Clients View. Select the client group you would like to modify. Under the Install Packages tab open the "Add Client Install Package window": If there is no package listed under "Package Name": Select "Add a Client Install Package" from the Tasks menu Ensure that the correct package WIN32BIT or WIN64BIT package displays in the Select the package to use for upgrading clients in this group: field If there is already a (WIN32BIT or WIN64BIT) install package in use, double-click that package or highlight it Select Edit Client Install Package under Tasks. From the "Add Client Install Package window", In the Client Features section, disable the Maintain existing client features when updating option. From the Select the features you want to use drop down list: Select Only AntiVirus No Email and click OK. Under the Clients tab, from the Tasks menu: click Run Command on Group Select Update Content. When a managed client has received the update, it will show only the AntiVirus and AntiSpyware component in its client interface. Note: To remove Network Threat Protection from an unmanaged Symantec Endpoint Protection client, please see the following document: "How to uninstall/remove Network Threat Protection feature from Endpoint Protection" at URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110814373848

References:

This document is available in the following languages: Brazilian-Portuguese: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/br_docid/20080228100935935 French: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/fr_docid/20080229145931935 German: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/de_docid/20080229145953935 Italian: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/it_docid/20080229150014935 Spanish: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/es_docid/20080228101004935

Document ID:2007121007424548 Last Modified:04/07/2009

Does this document answer your question? Yes No Maybe, need to test None of the above Is this document well written and easy to use? Submit specific suggestions to improve the quality of this document.

Product(s): Endpoint Protection 11
Operating Systems(s):
Date Created: 12/10/2007