Attempts to register Targeted Attack Analytics (TAA) service using a Symantec License File (.slf) fail within the User Interface (UI) of Advanced Threat Protection (ATP) Platform.
A proxy is specified in the ATP global settings
The upgrade history of the ATP management server or ATP AllInOne includes upgrade from ATP 3.0.5 to ATP 3.1.0.
From Symantec Engineering reproduction in test lab:
Symantec resolved this issue in the next version of ATP Platform software. Please upgrade to Symantec Endpoint Detection and Response 4.0.0.
After the issue is resolved, to confirm that TAA events arrive at ATP from SEP clients, at the SEP client, type:
start cmd /k echo TAA-EICAR:EicarActor
An event delivery from the SEP client to ATP/SEDR depends on the idle state of the machine thus we can't define the time parameters of the event delivery to ATP/SEDR. We are working to improve this in future by improving SEP client throttling mechanism.