As designed, DLP Endpoint has a challenge-response mechanism and it's protected from unauthorized removal. The administrator can uninstall the challenge-response mechanism using the ePolicy Orchestrator (ePO) console. There are also situations where you must uninstall DLP Endpoint in the field using the Microsoft Windows Add or Remove Programs function. This action requires a challenge-response key.
Under normal circumstances, when a user tries to perform DLP agent removal operations through the Microsoft Windows
Add or Remove Programs page, DLP
Access Protection Settings block the action.
To disable
Show challenge response on uninstall:
- Log on to the ePO console.
- Click Menu, Policy, Policy Catalog.
- Select Data Loss Prevention x.x as required and change the Category drop-down to Client Configuration.
- Duplicate the My default policy and enter a unique name.
- Open the newly created policy. In the left pane, select Advanced Configuration.
- In the right pane, locate Access Protection Settings. Set the Show challenge response on uninstall drop-down option to Disable.
- Click Save and assign the policy to the target client.
NOTE: The client receives the policy update when it connects to the ePO server during the next agent-server communication interval. The default for this interval is 60 minutes, but performing an agent wake-up call pushes the policy update to the client system immediately.
- After the agent wake-up call has completed, restart the affected clients.
