The Endpoint Security Agent includes self-defense functionality that can prevent it from being shut down, disabled, or tampered with in any way. If a user performs any of the following activities, the device is automatically rebooted to restore the correct system configuration:
Using Windows Task Manager to terminate any Endpoint Security Agent processes.
Stopping or pausing any Endpoint Security Agent services.
Removing critical files and registry entries. If a change is made to any registry keys or values associated with the Endpoint Security Agent, the registry keys or values are immediately reset.
Disabling NDIS filter driver binding to adapters.
By default, agent self defense is not enabled.
Agent self defense is enabled or disabled through the Agent Security settings in ZENworks Control Center.
In ZENworks Control Center, click Configuration.
In the Management Zone Settings section, click Device Management, then click ZENworks Agent.
In the Agent Security section, turn on the Enable self defense for the ZENworks Agent option.
Click OK (at the bottom of the page) to save the changes.
By default, the Endpoint Security Agent is configured to use the Agent Security setting configured in ZENworks Control Center. However, the Endpoint Security Agent also provides a local setting that you can use to enable or disable self defense. This local setting overrides the agent self defense setting configured in ZENworks Control Center.
Make sure you have enabled the device to accept an override password. For information, see Section A.0, Override Password.
Open the Endpoint Security Agent About dialog box. See Working with the Endpoint Security Agent.
Click Settings.
In the Agent Self Defense section, select from the following settings:
Enabled: Enables Client Self Defense.
Disabled: Disables Client Self Defense.
Policy: Uses the agent self defense setting configured in ZENworks Control Center.
Click Set.
Click Close to exit the dialog box.