Some or all Symantec Endpoint Protection 11.0.5002 (RU5) clients or higher are not getting content updates from configured Group Update Providers.
A group of Symantec Endpoint Protection 11.0.5002 (RU5) clients or higher are configured with a "Single" or "Optional" Group Update Provider (GUP).
Under the very specific circumstance set out in the above Symptoms section, a client does not attempt to contact the GUP.
This problem is fixed in Symantec Endpoint Protection 11.0.6300.803 (RU6-MP3). For information on how to obtain the latest build of Symantec Endpoint Protection, read Obtaining an upgrade or update for Symantec Endpoint Protection - http://www.symantec.com/docs/TECH103088.
In the client sylink log, you will see the client obtain the GUP list from the SEPM. Since no GUP is on the client's subnet, it will not use any GUP from the GUP list. At this point the client should instead use the GUP assigned as the "Single" or "Optional" GUP. Instead, it re-randomized the download timer (if download randomization is configured) and requests the GUP list again. This will repeat until the client fails over to the SEPM after the configured bypass timer configuration.
If the GUP bypass timer is configured for "Never", the client will immediately access the Single/Optional GUP once it determines that none of the GUPs contained within the GUP list are on the same subnet as the client.