About mixed controls in Symantec Endpoint Protection (SEP).
SEP - 14
For clients in mixed control, you can determine which managed options you want users to configure or not. Managed options include settings in a Firewall policy, an Intrusion Prevention policy, and the client user interface settings.
For each option, you can assign it to server control or you can assign it to client control. In client control, only the user can enable or disable the setting. In server control, only you can enable or disable the setting. Client control is the default user control level. If you assign an option to server control, you then configure the setting in the corresponding page or dialog box in the Symantec Endpoint Protection Manager console. For example, you can enable the firewall settings in the Firewall policy. You can configure the logs in the Client Log Settings dialog box on the Policies tab of the Clients page.
You can configure the following types of settings:
See Client User Interface Mixed Control Settings: Client/Server Control Settings
See Configuring firewall settings for mixed control.
See About the Symantec Endpoint Protection firewall.
See Enabling or disabling network intrusion prevention or browser intrusion prevention.