If the Symantec Endpoint Protection Manager (SEPM) does not have internet connectivity, the scm-server-0.log and scm-server-1.log files will show an unexepcted server error connection time out when services for the SEPM first start. This is expected, if the SEPM does not have internet access.

scm-server-0.log:

2019-07-29 10:17:20.470 THREAD 146 SEVERE:  in: com.sygate.scm.server.task.SecurityDataTask java.net.ConnectException: Connection timed out: connect

...

2019-07-29 22:17:20.471 THREAD 146 SEVERE: com.sygate.scm.common.communicate.CommunicationException: Failed to connect to the server

The SEPM does not have internet connectivity to our security response website and is generating failure messages due to the ThreatCon lookup failing. 

Edit the SEPM's conf.properties file and add the line as described below.  (Default location: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties)

1. Go to <SEPM>\tomcat\etc folder
2. Use text editor to open conf.properties
3. Add the following line: scm.server.securitydatatask.disabled=true
4. Save the change and restart SEPM service