The Symantec Endpoint Protection (SEP) for Mac client reports to the SEP Manager (SEPM) that Network Threat Protection (12.1+) or Network and Host Exploit Mitigation (14+) is malfunctioning.

Intrusion Prevention System (IPS) definitions are missing on the SEP for Mac client. This may be caused due to a LiveUpdate policy configuration pointing Mac clients to an internal LiveUpdate Administration (LUA) server that is not downloading or distributing IPS content for Mac correctly.

Ensure that the SEP for Mac client is able to download IPS definition content from a reliable LiveUpdate server source. If there is a proxy between the SEP clients and their LiveUpdate source, ensure it is configured appropriately not to modify the contents of the definitions in transit.