Symantec Endpoint Protection process checked by Anyconnect

snavan01 · ‎05-28-2015

Hi,

We are trying to setup a Anyconnect VPN with host scan check of Symantec Endpoint Protection ver 12.1.5 or Viper. When stopped all the service related to Viper and try Anyconnect, users are denied access as they don't have the viper running as expected. But the users who has Symantec on the PCs and killed all the process with the description Symantec are still able to VPN in. That means Anyconnect believe the Symantec process is running. Do any of you know exactly what is the process the ASA check for Symantec Endpoint Protection. Only if those users uninstall it, then they are denied access.

Can you help.... Thanks.

Chetan Savade · ‎05-29-2015

Hi,

I am Chetan Savade from Symantec Technical Support Team.

Are you monitoring smc.exe, This is the client. Controls the client-manager communication, location detection, and is the non-driver portion of Network Threat Protection.

Can refer this article: Processes and Services used by Symantec Endpoint Protection

http://www.symantec.com/docs/TECH102748

Best Regards,

Chetan

Symantec Endpoint Protection process checked by Anyconnect

Endpoint Protection Guided Resources

Expert Insights: Strengthening User & Endpoint Protection

Action Required: Duo Security guide on how to Protect Applications

Protect Cloud Applications with SSO Guided Resource

Converting Cisco Secure Endpoint Connectors from Audit to Protect mode