Symantec Endpoint Encryption has always had the ability to manage clients in its own Policy Groups. In this way, individual machines can be part of different group policies, such as if Autologon is assigned to one group, and not another.
Prior to 11.3.1, the SEE Client would always default to the "SEE Unassigned" group, which is the default group. If you have custom groups, once the SEE client checks in with the SEE Management Server, you would then need to move the machine manually to another group.
SEE 11.3.1 and above now has the ability to create a SEE Client, and have them assigned automatically once they check in with the Management Server.
When you go to the SEE Client creation wizard, make note of the field "Preferred Policy Group":
In the screenshot above, you can see that "SEE Unassigned" is selected by default, just like it was in previous versions of the software. If you click the drop-down menu, you'll notice you have the ability to select a policy when you create the client:
Each of the groups available correspond to the SEE Native Encryption Policies you have configured previously:
Now if you select one of these custom policies, as soon as the SEE Client checks in with the SEE Management Server, the client will automatically be assigned to the policy you selected and there is no need to move the machines into that group manually.