How to enable blocked devices when SEP client is not connected to Symantec Endpoint Protection Manager.

book

Article ID: 179903

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

 

Resolution

 NOTE: Disabling of Device and Application driver will not solve the issue. The devices are blocked directly by OS level, not by our Sysplant driver.

 

1.)     Use the following procedure to export the client profile settings from.

 

a)       From another SEP client which doesn’t have the Device and Application control rules, or does not block the devices.

 

-          Go to client Interface

-          Click on “Help and Support”

-          Choose troubleshooting

-          Under Policy profile click on “Export”

-          Save file as “policy.xml”

 

-          Copy the profile.xml file to impacted machine

 

-          Import the profile.xml by using the button “Import” next to “Update” button under Policy profile.

 

b)       From SEPM’s group which doesn’t have the Device and Application control rules, or does not block the devices. (LSProfile.xml)

 

-          Get the LSProfile.xml from SEPM

 

How to manually apply the policy from a Symantec Endpoint Protection Manager (SEPM) group to an Symantec Endpoint Protection (SEP) Client.

http://www.symantec.com/business/support/index?page=content&id=TECH103129&locale=en_US

 

-          Copy LSProfile.xml to the impacted machine

-          Disable network card to prevent policy rewrite.

-          Import LSProfile.xml

 

2.)     Use the blocked devices

3.)     Enable network card, the original policy will be rewritten, and devices will get blocked once again.