Network Application Monitoring is enabled on Symantec Endpoint Protection (SEP) 12.1 Small Business Edition (SBE) clients when installed with the 'full protection' feature set to one of the pre-created groups: My Company; Laptops and Desktops; Servers.
If application behavior on a SEP 12.1 SBE client triggers SEP Network Application Monitoring, then a message will display asking the user to block or allow the application. If this request is not answered before the timeout period expires then SEP will block the application.
A review of Symantec Endpoint Protection Manager (SEPM) 12.1 SBE policies and local SEP 12.1 SBE client settings does not provide a method to modify Network Application Monitoring settings.
SEP 12.1 SBE clients should not have Network Application Monitoring enabled. This feature is enabled for the pre-created groups (My Company; Laptops and Desktops; Servers); however, the SEPM user interface does not provide a method to modify Network Application Monitoring settings.
This issue is noted as resolved with SEP 12.1 Release Update 1 (RU1), 12.1.1000. Please migrate to this build.
Workaround: This issue only affects the pre created groups (My Company; Laptops and Desktops; Servers) and does not affect user-created groups. If migration is not possible at this time, move affected clients to user-created groups.
SEP 12.1 SBE managed client assigned to one of the pre-created groups (My Company; Laptops and Desktops; Servers) with the 'full protection' feature set.
CRT reviewed and determined the 12.1 SMB product is not supposed to have Network Application Monitoring enabled.
Imported Document ID: TECH167268
Subscribing will provide email updates when this Article is updated. Login is required.