FDR policy update is not sent to all clients, only some clients are applied latest policy

Article ID: 176483

Products

Endpoint Detection and Response Cloud Endpoint Detection and Response

Issue/Introduction

The SPOC service fails to send policy to one or more Symantec Endpoint Protection (SEP) clients that are registered with, and online for, the Symantec Endpoint Detection and Response (SEDR) management server or Symantec AllInOne.

Steps to reproduce:

  1. Raise spoc log to debug via CLI
  2. Edit ECC2.0 policy in SEDR UI

Result: the debug SPOC log shows that SPOC sends policy to only 1 of 2 test clients.

Expected: around timestamp "2019-06-13 21:20:38,472", where ATP sends policy to one client, there should be another debug log entry for sending policy to the other client.

Example log entry:

central_manager.log:
019-06-13 21:20:38,398 INFO SimpleAsyncTaskExecutor-1 (AssociatePolicyToEndpoint.java:sendBump:155)
Sending Bump num of endpoints:1[][<ENDPOINT_ID>]
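
To check a collected central_manager.log for this symptom, the following added example (not Symantec's code) extracts every sendBump entry in the format shown above and lists the pushes that reached fewer endpoints than expected. The function names, the `expected_clients` value supplied by the operator, and the sample log lines are assumptions constructed for illustration.

```python
import re

# Matches the sendBump entry format shown in the article. The message text may
# be wrapped onto the next line, so \s+ (which includes newlines) separates the
# source location from the message. The year accepts 3 or 4 digits because the
# article's own sample line begins with "019".
BUMP_RE = re.compile(
    r"(?P<ts>\d{3,4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3})\s+INFO\s+\S+\s+"
    r"\(AssociatePolicyToEndpoint\.java:sendBump:\d+\)\s+"
    r"Sending Bump num of endpoints:(?P<count>\d+)"
)

def find_bumps(log_text):
    """Return (timestamp, endpoint_count) for every sendBump entry."""
    return [(m.group("ts"), int(m.group("count")))
            for m in BUMP_RE.finditer(log_text)]

def short_bumps(log_text, expected_clients):
    """Return the bumps that reached fewer endpoints than expected_clients.

    expected_clients is supplied by the operator: the number of registered,
    online SEP clients that should have received the edited policy.
    """
    return [(ts, n) for ts, n in find_bumps(log_text) if n < expected_clients]

# Constructed sample: the first entry mirrors the article's log line; the
# second is a hypothetical push that reached both test clients. How the
# bracketed endpoint list is rendered for two clients is assumed.
SAMPLE_LOG = """\
2019-06-13 21:20:38,398 INFO SimpleAsyncTaskExecutor-1 (AssociatePolicyToEndpoint.java:sendBump:155)
Sending Bump num of endpoints:1[][<ENDPOINT_ID>]
2019-06-13 21:25:02,114 INFO SimpleAsyncTaskExecutor-1 (AssociatePolicyToEndpoint.java:sendBump:155) Sending Bump num of endpoints:2[][<ENDPOINT_ID_LIST>]
"""

if __name__ == "__main__":
    for ts, n in short_bumps(SAMPLE_LOG, expected_clients=2):
        print(f"{ts}: policy bump sent to {n} endpoint(s), expected 2")
```
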

Environment

  • SEPM Controller connection configured
  • one or more SEP client groups included within the Group Inclusions settings of the SEPM Controller connection
  • multiple SEP clients registered with SEDR and online

Resolution

Sensitive data removed

Symantec is investigating at this time.