|Solution:||If a computer, especially the server, has an unmanaged client installation of Symantec Endpoint Protection, change its installation to a managed client by using the following document:|
"Manually making an unmanaged Symantec Endpoint Protection client, managed." at URL:
If there is no pre-existing firewall on the network, configure the Firewall Rules in the Endpoint Protection Manager.
When communications become blocked, the rule immediately above "Allow All" will need to be configured.
- For testing, use Rule 9:
- Allow All, by moving it up to the top
- Checking communications status
- Then move it down one rule at a time
- Applying the policy
- Checking communications.
Part I - Create a custom feature set
- If there is a pre-existing firewall, or if difficulties persist even when the "Allow All" rule has been promoted to the top, proceed with the below:
- Create and apply an Install Package with only AntiVirus and AntiSpyware, in the Symantec Endpoint Protection Manager.
- Select the Admin view.
- Click Install Packages.
- Select View Install Packages, click Client Install Feature Sets.
- Select Tasks, click Add Client Install Feature Set..
- Type Only AV No Email in the Name box.
- Uncheck all except AntiVirus and AntiSpyware at the top.
- Click OK.
- You should see "Only AntiVirus No Email" listed under "Client Install Feature Sets", default.
Part II - Assign and deploy the custom feature set
- Click the Clients View.
- Select the client group you would like to modify.
- Under the Install Packages tab open the "Add Client Install Package window":
- If there is no package listed under "Package Name":
- Select "Add a Client Install Package" from the Tasks menu
- Ensure that the correct package WIN32BIT or WIN64BIT package displays in the Select the package to use for upgrading clients in this group: field
- If there is already a (WIN32BIT or WIN64BIT) install package in use, double-click that package or highlight it
- Select Edit Client Install Package under Tasks.
- From the "Add Client Install Package window",
- In the Client Features section, disable the Maintain existing client features when updating option.
- From the Select the features you want to use drop down list: Select Only AntiVirus No Email and click OK.
- Under the Clients tab, from the Tasks menu: click Run Command on Group
- Select Update Content.
When a managed client has received the update, it will show only the AntiVirus and AntiSpyware component in its client interface.
Note: To remove Network Threat Protection from an unmanaged Symantec Endpoint Protection client, please see the following document:
"How to uninstall/remove Network Threat Protection feature from Endpoint Protection" at URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110814373848