Tamper Protection Status in Symantec Endpoint Protection (SEP)


 

Tamper Protection is one of the most important features of Symantec Endpoint Protection. It protects the clients services and registry keys from being tampered with (disabled/deleted, etc.).  Malware will typically try to disable the antivirus software, making this feature extremely useful to SEP Administrators.

While many of the status messages can be resolved directly from the console, there are two that require manual intervention immediately – “not reporting” and “malfunction.” These introduce risk in the environment and are the vulnerable systems that can be exploited.

With SOLVE for SEP, administrators can easily report on machine details and status – automatically feeding this information in your ticketing system for quick resolution.

SOLVE for SEP – Tamper Protection Status

 

A complement to your existing Symantec Endpoint Protection (SEP) infrastructure, SOLVE – the Simple OnLine Visualization Engine is a data visualization, reporting, analytics and tuning platform that connects directly to your SEP environments. SOLVE also provides detailed SEP feature status for other components as well: Download Advisor, Sonar, and Memory Exploit Mitigation Status.

 

For questions about how NorthStar can help with optimizing your Symantec Endpoint environment, please contact us via your favorite form of communication:

Email: connect@northstar.io  |   Phone: 312-421-3270  | SOLVE for SEP