When I create a custom client installation package in the Symantec Endpoint Protection Manager console for key-logger, it doesn't install those settings on the client.

I created a custom client package in Symantec Endpoint Protection Manager and configured the client to scan for keylogger with high sensitivity.  This setting did not get deployed on a workstation.  I exported the package correctly, but it's not keeping the keylogger settings.
victor2008Asked:
Who is Participating?
 
jhalapradeepCommented:
Hi,

All I did was,
1)under clients tab->policies-> AV&AS-> disabled inheritance -> convert to non-shared.
2) Exported the package with only AV&AS and PTP,  under install settings, selected to maintain all logs, policies &  settings option. and selected the group on which this policy is applied and exportedit.
3) Installed and verified if that setting was present and it was the same settng as we configured prior to package creation.

yes this should work absolutely fine without any issue, please let me know the results.

Regards,
pradeep Jhala
0
 
ccc88Commented:
Custom settings overrides normal settings.  It assumes you know what you are doing.  You need to make the new settings manually after using Custom as your option.
0
 
victor2008Author Commented:
Let's assume I don't know what I'm doing, how would I configure the SEP package to keep the keylogger settings that I've set? I've configured the settings manually.  
Picture-1.png
0
Live Q & A: Securing Your Wi-Fi for Summer Travel

Traveling this summer? Join us on June 18, 2018 for a live stream to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
ccc88Commented:
Is there not a SAVE button available?  Make sure you have Administrative privileges in your current login.
0
 
jhalapradeepCommented:
Hi,

First of all: the screen shot that you have uploaded is not a part of the "creating installation package" or exporting the package.
-This is part of the policy that you have set in the SEPM console.

Please check these steps:
1) Create a client group in which you need this key logger scanning setting.
2) Now go to clients tab
3)under clients tab click on policies tab
4) Now UNCHECK the option " inherit policies and settings from parent group"
5) Click on Antivirus and antispyware policy and select " convert to non-shared policy.
6) Now change the keylogger settings that you require.
7) Now you can export the client installation package for this group you created.
8) once you deploy this client and as soon as it gets installed, it will checkin to SEPM console and acquire this policy immediately.

=> Make sure the policy inheritance is OFF and the policy is converted to NON-SHARED.

Regards,
Pradeep Jhala
Symantec Technical Specialist (Endpoint Security)
0
 
victor2008Author Commented:
Thanks Jhala,

I did exactly what you describe, and the computer that I deployed the custom package on does not get the keylogger settings, but does get the other custom settings.  policy inheritance is OFF and the policy is converted to NON-SHARED.
0
 
jhalapradeepCommented:
Hi,

Ok, so in your custom package, have you installed all the three components, (Antivirus & antispyware, Proactive Threat Protection and Network Threat protection)?

->And if yes, did you tried restarting the client computer after SEP installation and checked if the policy settings gets updated automatically?

Regards,
Pradeep Jhala
0
 
victor2008Author Commented:
Hi, I exported as "Antivirus, Antispyware and TruScan Proactive Threat Scan". I didn't want the firewall component because we use the Windows firewall.  Could not including the firewall cause the keylogger setting not to get deployed?  I've exported another package but haven't tested it yet.  On this one I've locked all the settings, I also unchecked the save as exe.  (I need an msi file).
0
 
jhalapradeepCommented:
Hi,

There is no need to install NTP(Firewall) for this, the package you created is fine.
Yes one of the point is to lock the settings.
I just tried to test one and it works fine with no issues.

Regards,
Pradeep Jhala
0
 
victor2008Author Commented:
Thanks a million, Pradeep!  I'll test it today and let you know how it goes.
0
 
victor2008Author Commented:
Worked this time, thanks!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.