Symantec Endpoint Protection (SEP) Clients lose connection to Symantec Endpoint Protection Manager (SEPM) and logon attempts to SEPM may fail with no error message, but result in a "frozen" or "hung" SEPM Console.

The SymDiag diagnostic tool may get stuck while collecting a *.tmp file.

The computer on which SEPM is installed has vsepflt.sys, a VMWare driver, installed.
The vsepflt.sys driver may be installed as part of some of the following VMWare applications:

• VMwareTools
• VSphere
• VShield

The vsepflt.sys driver version can be one of the following:

• 5.0.0.2 (as part of VMware Tools version 8.6.11.20852)
• 5.1.0.1 (as part of VMware Tools version 9.0.5.21789)

Restarting the Symantec Endpoint Protection Manager Webserver service temporarily resolves the problem

The vsepflt.sys driver causes a deadlock with file rename operations.
When SEPM processes incoming client or content data it needs to rename some *.tmp files, but since the files are deadlocked by the vsepflt.sys driver, this processing cannot complete.
This deadlock leads to a resource exhaustion on SEPM's Webservice causing it to reject client communications or SEPM Console logon attempts.  

Please contact VMWare support for updated versions.

The vsepflt.sys issue has been resolved in the following VSphere builds:
5.0 u3 (Released around 17th October 2013)
5.1 u2 (Released around 16th January 2014)
5.1 p03 (Released around 3rd October 2013 )

Updated vsepflt.sys drivers may also be included VMWare Tools updates.