Proactive Threat Protection (PTP) definitions are current, but its status remains OFF on systems running Windows Server 200x, Windows 7 or a 64-bit version of Windows XP


Article ID: 178120


Updated On:


Endpoint Protection


Why does the PTP status show as OFF even though it is receiving updates on systems running Windows Server 200x?

A client installation package for Symantec Endpoint Protection 11.0.x or 12.x SBE client software is configured to include Antivirus and Antispyware Protection and Proactive Threat Protection (PTP). It is applied to a system running Windows Server 200x. Antivirus and Antispyware Protection is operating normally, but although PTP receives regular updates its status stays OFF.


This is expected behavior.


The "Scan for trojans and worms" and the "Scan for keyloggers" options are currently not supported on Windows server operating systems or 64-bit Windows XP Professional. The "Scan for keyloggers" option is also not supported on Windows 7.

Intrusion Prevention System (IPS) technology is fully compatible with Windows server operating systems, and should be used to protect all servers.
Note: Proactive Threat Protection is not the same thing as IPS. Proactive Threat Protection is not compatible with server operating systems.

In order to enable IPS, you must have the client firewall portion of Symantec Endpoint Protection installed and running. This can seem like a problem if you want to run IPS but do not want to use the firewall. To work around this, withdraw the firewall policy. This ensures that IPS is enabled and protecting your network without forcing you to use the client firewall.

For additional information, please refer to the "Readme.txt" available on the SEP CD, or contact Symantec Technical Support for assistance.

For additional Information about enabling IPS on a server OS visit the Knowledge Based Document: Best practices regarding Intrusion Prevention System technology .