EUCweb
commented
3 years ago URL you posted is not valid, I think you mean this one https://knowledge.broadcom.com/external/article/155835/endpoint-protection-nonpersistent-virtu.html
Open JamesKindon opened 4 years ago
EUCweb
commented
3 years ago URL you posted is not valid, I think you mean this one https://knowledge.broadcom.com/external/article/155835/endpoint-protection-nonpersistent-virtu.html
tschuegy
commented
3 years ago I can spoke from my customer environments. The feature "temper protection" is active and recommended. In this case, you cannot delete any related symantec files or registry values that are in the protected area of SEP. Also you cannot add the registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\SMC\IsNPVDIClient".
We do set this value during installation with a MST file. This is the one and only way we can set this value without disabling the agent or moving to an other SEP location.
When you know a better way without disabling the agent or moving to another location, please let me know.
As per Symantec/Broadcom documentation, for SEP 14 (maybe older) there is a virtualization key that needs to be set on the endpoint to identify the machine as a virtual desktop, this impacts licencing and how machines are handled within SEP
Good addition to BIS-F i think :)
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/using-in-virtual-infrastructures-v57269588-d81e6/using-in-non-persistent-virtual-desktop-infrastruc-v75342792-d81e1119/how-to-manage-the-license-count-for-non-persistent-v75347177-d81e1218.html