The customer wants to deny access to packages for non-authenticated users.

Anonymous access for PackageShare on Package Servers is controlled with the "Package Service Settings" policy under the "Security Settings" section.

However, this does not apply to Symantec Management Platform (SMP server).

To disable anonymous access to packages hosted on the SMP Server and allow only authenticated users to access package share and packages, do the following:

•  Open the IIS manager on the SMP server
•  Select PackageShare web app
•  Change the Authentication feature to:
  • Anonymous Authentication - disabled
  • Windows Authentication - enabled

Note:
This only applies to Default Web Site and not Symantec Agent, which is dedicated to Cloud-enabled Management where authorization is based on client certificates.