This content has been marked as final. Show 4 replies
If the user has local Admin rights, if they know what they are doing, they can kill any process (with special tools).
For the average user, you described exactly what you want to do... Enable Access Protection to prevent termination of McAfee services and then password protect the User Interface to prevent them from disabling Access Protection.
Just set or modify a policy for the version of VirusScan you have under Access Protection.
Password Control is under the User Interface Options.
I've already done everything you've mentioned. The problem is that even if a desktop support person supplies the correct password and unlocks the GUI, the policy will still prevent them from disabling the OAS or stopping any of the McAfee services.
I'm looking for a solution that will prevent average users from stopping these processes/services, but will be flexible enough to allow a desktop person to stop them, provided he knows the password to unlock the console. Unfortunately right now, unlocking the console isn't enough to be able to stop them since the policy is still preventing them from doing so.
Am I making sense here?
The support agent will have to disable Access Protection first, then they will be able to disable McAfee services normally.
Worked perfectly, thank you so much.