Why is the Symantec Network Access Control Service Running On My Endpoint Computer?
search cancel

Why is the Symantec Network Access Control Service Running On My Endpoint Computer?

book

Article ID: 154173

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

It is noticed that the Symantec Network Access Control (SNAC) Service is running on Symantec Endpoint Protection Clients when network access control is not being used.  Because there are no SNAC or Host Integrity (HI) policies being used, it is confusing as to why the SNAC service is running.

Cause

This is by design.  The SNAC service and components are automatically installed on every SEP client, so that the client is ready to accept any SNAC or HI policies that may be used at a later date (for instance, if the SNAC capability is added to the SEP Manager in the future).

Also, there are key security components on the SEP client that always use the SNAC service, even when the SNAC components are not installed on the manager.

Resolution

SNAC is installed by default and you cannot remove it. If we are not using Host Integrity/SNAC by default, its Stopped and in Manual state.

If the service is attempted to be removed or stopped, the automatic repair features of Symantec Endpoint Protection will reinstall.