The newly updated Symantec Protection Suite Small Business Edition 4.0 contains Symantec Endpoint Protection 12.1. As part of that offering, there is a module called “Tamper Protection,” which is designed to prevent any form of malware from adversely affecting the operation of the Symantec Software.
As a managed service provider, I am using a third-party software product to monitor and maintain the health of my clients’ servers and workstations. The software takes an inventory of a variety of things and reports back to the data center on a regular basis. I get to view the results on my web-based portal.
Somehow, and quite unfortunately, Symantec Endpoint Protection thinks each of these activities is a threat to its existence, and the default setting for Tamper Protection is to block any offending program. When it does, it places an entry in the Windows Event log.
![SEPM_EventID45 Windows EventID 45](http://www.heliotropicsystems.com/blog/wp-content/uploads/SEPM_EventID45.png)
Windows EventID 45
Of course, my MSP software is designed to keep trying to get its information back to the data center – so the Event log just fills up with EventID 45 records as it struggles against Symantec Endpoint Protection.
There has to be some way of preventing this.
Read More →