When I create a custom client installation package in the Symantec Endpoint Protection Manager console for key-logger, it doesn't install those settings on the client.

I created a custom client package in Symantec Endpoint Protection Manager and configured the client to scan for keylogger with high sensitivity.  This setting did not get deployed on a workstation.  I exported the package correctly, but it's not keeping the keylogger settings.
victor2008Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ccc88Commented:
Custom settings overrides normal settings.  It assumes you know what you are doing.  You need to make the new settings manually after using Custom as your option.
0
victor2008Author Commented:
Let's assume I don't know what I'm doing, how would I configure the SEP package to keep the keylogger settings that I've set? I've configured the settings manually.  
Picture-1.png
0
ccc88Commented:
Is there not a SAVE button available?  Make sure you have Administrative privileges in your current login.
0
Make Network Traffic Fast and Furious with SD-WAN

Software-defined WAN (SD-WAN) is a technology that determines the most effective way to route traffic to and from datacenter sites. Register for the webinar today to learn how your business can benefit from SD-WAN!

jhalapradeepCommented:
Hi,

First of all: the screen shot that you have uploaded is not a part of the "creating installation package" or exporting the package.
-This is part of the policy that you have set in the SEPM console.

Please check these steps:
1) Create a client group in which you need this key logger scanning setting.
2) Now go to clients tab
3)under clients tab click on policies tab
4) Now UNCHECK the option " inherit policies and settings from parent group"
5) Click on Antivirus and antispyware policy and select " convert to non-shared policy.
6) Now change the keylogger settings that you require.
7) Now you can export the client installation package for this group you created.
8) once you deploy this client and as soon as it gets installed, it will checkin to SEPM console and acquire this policy immediately.

=> Make sure the policy inheritance is OFF and the policy is converted to NON-SHARED.

Regards,
Pradeep Jhala
Symantec Technical Specialist (Endpoint Security)
0
victor2008Author Commented:
Thanks Jhala,

I did exactly what you describe, and the computer that I deployed the custom package on does not get the keylogger settings, but does get the other custom settings.  policy inheritance is OFF and the policy is converted to NON-SHARED.
0
jhalapradeepCommented:
Hi,

Ok, so in your custom package, have you installed all the three components, (Antivirus & antispyware, Proactive Threat Protection and Network Threat protection)?

->And if yes, did you tried restarting the client computer after SEP installation and checked if the policy settings gets updated automatically?

Regards,
Pradeep Jhala
0
victor2008Author Commented:
Hi, I exported as "Antivirus, Antispyware and TruScan Proactive Threat Scan". I didn't want the firewall component because we use the Windows firewall.  Could not including the firewall cause the keylogger setting not to get deployed?  I've exported another package but haven't tested it yet.  On this one I've locked all the settings, I also unchecked the save as exe.  (I need an msi file).
0
jhalapradeepCommented:
Hi,

There is no need to install NTP(Firewall) for this, the package you created is fine.
Yes one of the point is to lock the settings.
I just tried to test one and it works fine with no issues.

Regards,
Pradeep Jhala
0
victor2008Author Commented:
Thanks a million, Pradeep!  I'll test it today and let you know how it goes.
0
jhalapradeepCommented:
Hi,

All I did was,
1)under clients tab->policies-> AV&AS-> disabled inheritance -> convert to non-shared.
2) Exported the package with only AV&AS and PTP,  under install settings, selected to maintain all logs, policies &  settings option. and selected the group on which this policy is applied and exportedit.
3) Installed and verified if that setting was present and it was the same settng as we configured prior to package creation.

yes this should work absolutely fine without any issue, please let me know the results.

Regards,
pradeep Jhala
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
victor2008Author Commented:
Worked this time, thanks!!!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.