Communication between the Symantec Endpoint Protection (SEP) Clients and the Symantec Network Access Control (SNAC) Enforcer is using UDP traffic on port 39999. Clients are not authenticated by SNAC Enforcer.
Network Threat Protection of SEP 12.1 does not pass UDP traffic on port 39999 correctly if it includes a firewall rule to block all traffic.
The issue has been resolved in SEP 12.1 RU5 and higher.
Download the latest version of Symantec Endpoint Protection:
Workarounds for SEP 12.1 pre-RU5: