The purpose of the "sisips" user in Symantec Critical System Protection (SCSP)
Last Updated December 13, 2016
Questions about password for sisipsdaemon in CSP. Why does SCSP use the sisips user?
The sisips user does not have a password, and the account is locked by default. Because of this it can not be used to login to the box. You can only SU to the sisips user once you are already logged in as root. The sisips user is used by sisipsdaemon and sisipsutildaemon so that they can run under a non-root user (sisips) which is best for security as they have to communicate over the network ( i.e. with the SCSP server ).
Also the Agent wil run a script if password aging is enabled on a system to stop sisips from get a password change popup, here is everything about that:
Looking at a customer GAI I see the following in the agent_intsall.log
12/03/16 00:11:49: checkPasswordAging: user 'sisips'...