search cancel

Enable the Unmanaged Detector in Endpoint Protection Manager

book

Article ID: 151614

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

How to enable the Unmanaged Detector in Symantec Endpoint Protection Manager (SEPM).
 

Resolution

Requirements to use a computer as an unmanaged detector

  1. The Symantec Endpoint Protection (SEP) client on this machine must have both features of Network Threat Protection (NTP) installed and enabled. These two features are Firewall and Intrusion Prevention. 
  2. The computer must be in computer mode.
  3. The machine must be on all the time.
  4. Symantec Network Access Control cannot be enabled on this client. (This can be determined by opening the SEP user interface. Network Access Control will be listed after Network Threat Protection.)

 

To enable the Unmanaged Detector

  1. Open "Symantec Endpoint Protection Manager".
  2. Click Clients.
  3. Select the group which contains the client chosen to be an Unmanaged Detector.
  4. Click the Clients tab.
  5. Right click the client and select "Enable as Unmanaged Detector".

 

To see if unmanaged clients are being detected, go to the home page and click "View Details" in the Security Status area

  • When the Security Status Details window appears, select "Unknown Device Failures".
  • Total Detected Unknown Devices will show how many devices are unmanaged. This will include access points, routers, switches and other devices in addition to computers.
  • To filter extraneous devices, go back to the clients page and right click on the Unmanaged Detector. Choose "Configure Unmanaged Detector" and add the IP or Mac addresses of the devices to be filtered.