Most or all of the SEP clients remain in a state of "Authentication Pending" during registration of Symantec Endpoint Protection (SEP) clients with Symantec Advanced Threat Protection (ATP) Platform.
The Registration Statistics of the ATP Platform UI show most or all SEP clients as "Authentication Pending".
When you navigate directly to ATP Platform UI with the IP address, the certificate is not accepted by the browser. When you navigate to ATP UI with the FQDN, the certificate is accepted by the browser.
ATP certificate was created with the Fully Qualified Domain Name (FQDN) of the ATP Platform management server, but the settings of ATP Platform point the policy at the ATP management server use the IP address or short host name. When a SEP client attempts to register for EDR 2.0 with ATP management server, this mismatch causes the TLS handshake to fail. This can leave one or more SEP clients in an "Authentication Pending" state.
To correct the mismatch:
Within ATP UI, navigate to Settings> Global
In the section "Endpoint Detection, Response...", click on the three dots on the left side of the SEPM Controller connection.
Click SEP Policies
Change the name of the connection from the IP address or short host name of the ATP Platform to the FQDN of the ATP Platform.
Subscribing will provide email updates when this Article is updated. Login is required.