Symantec Protection Engine (SPE) scan fails and logs show "Error Message = socket error: getpeername: ENOTCONN". Log entry looks similar to the following:
Jul 12 18:46:22 HOSTNAME symcscan: The Symantec Protection Engine has encountered a critical error|Date/time of event = 2020-07-12 18:46:22|Event Severity Level = Error|Error Message = socket error: getpeername: ENOTCONN|Symantec Protection Engine IP address = X.X.X.X|Symantec Protection Engine Port number = 1344|Uptime (in seconds) = 2065593|Date/time of event(with millisec) = 2020-07-12 18:46:22:851|Symantec Protection Engine Host Name = HOSTNAME
The connection to SPE was closed before SPE returned a verdict, resulting in this error when it tries to respond to the connector.
In most cases, this is caused by a RST packet sent by a load balancer between the connector and SPE. Gather a packet capture while reproducing the error. You likely will need to gather captures on the scanner and the connector. If the load balancer or connector is sending RST packets, work with the respective vendors to troubleshoot the issue. If the connection is closed by the scanner, ensure that the host machine has the most recent OS updates applied. If the scanner continues to close connections, contact support.