A Symantec Endpoint Protection (SEP) client does not enroll with Endpoint Detection and Response (EDR). On the client, the "EDR Connection Status" tab (Help > Troubleshooting) shows that the client has not received the EDR server details and displays "Waiting for data".
Multiple causes
The issue can have several causes; verify each of the following to resolve it:
1. FIPS mode is enabled on the SEP client.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
The Enabled value under this key is set to 1.
Disable FIPS mode by changing the value to 0.
Note: Refer to Article ID: 150939 for EDR enrollment support on FIPS-enabled clients.
2. Port 443 is blocked on the SEP client.
Verify with the telnet command:
telnet IP_of_EDR 443
If the port is blocked, allow TCP 443 from the client to the EDR appliance so that enrollment can proceed.
3. Verify that the client can open the EDR URL, and check whether any certificate-related error is reported:
https://IP_of_EDR/atpapp/
Validate that the certificate served by the EDR website and the one in the client's policy.xml are the same.
Reference: SEP client does not accept the EDR certificate, SEP clients are in "Authentication Pending"
Verify that the EDR certificate was created as described in the article below, with the correct values in the SAN:
Create and install a certificate to the SEDR Management appliance
4. In the External Communication Settings for the client's group, select the option "Do not use a proxy server" if no proxy is in use.
5. If the Group Communication Settings on the SEPM are set to Local, change them to Group as described in Article ID: 258606.
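The client-side checks in steps 1 to 3 (FIPS registry value, TCP 443 reachability, whether the EDR URL opens, and which certificate the appliance actually serves) can be gathered in one pass from the affected client. The script below is an added example for this article, not Broadcom code; IP_of_EDR is the article's placeholder and must be replaced with the EDR appliance address, and the policy.xml comparison in step 3 remains a manual step against the reported thumbprint and SAN.

```powershell
# Added example (not part of the Broadcom article): runs the client-side checks from
# steps 1-3 on the SEP client and reports the findings as one object.
# IP_of_EDR is the article's placeholder; replace it with the EDR appliance address.
param([string]$EdrHost = 'IP_of_EDR')

function Test-SepEdrEnrollmentPrereqs {
    param([string]$EdrHost)

    $result = [ordered]@{}

    # Step 1: FIPS mode. The client stays at "Waiting for data" when Enabled = 1.
    $fipsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy'
    $fips = Get-ItemProperty -Path $fipsKey -Name Enabled -ErrorAction SilentlyContinue
    $result.FipsEnabled = [bool]($fips -and $fips.Enabled -eq 1)

    # Step 2: TCP 443 reachability, the equivalent of "telnet IP_of_EDR 443".
    $tcp = Test-NetConnection -ComputerName $EdrHost -Port 443 -WarningAction SilentlyContinue
    $result.Port443Open = $tcp.TcpTestSucceeded

    # Step 3a: does the EDR URL open? If not, the message shows whether the failure
    # is certificate-related (trust, name mismatch) or something else.
    try {
        $resp = Invoke-WebRequest -Uri "https://$EdrHost/atpapp/" -UseBasicParsing -TimeoutSec 15
        $result.UrlStatus = $resp.StatusCode
    } catch {
        $result.UrlStatus = $_.Exception.Message
    }

    # Step 3b: capture the certificate the appliance serves so it can be compared with
    # the one in the client's policy.xml. The validation callback returns $true only so
    # the handshake completes and the certificate can be read; trust against the
    # Windows store is evaluated separately with Verify().
    if ($result.Port443Open) {
        $tcpClient = New-Object System.Net.Sockets.TcpClient($EdrHost, 443)
        $noCheck   = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl       = New-Object System.Net.Security.SslStream($tcpClient.GetStream(), $false, $noCheck)
        try {
            $ssl.AuthenticateAsClient($EdrHost)
            $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]$ssl.RemoteCertificate
            $result.CertSubject    = $cert.Subject
            $result.CertThumbprint = $cert.Thumbprint
            $result.CertNotAfter   = $cert.NotAfter
            $result.CertTrusted    = $cert.Verify()
            # OID 2.5.29.17 is the Subject Alternative Name extension (step 3 SAN check).
            $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
            $result.CertSAN = if ($san) { $san.Format($false) } else { '(no SAN extension)' }
        } finally {
            $ssl.Dispose()
            $tcpClient.Dispose()
        }
    }

    [pscustomobject]$result
}

Test-SepEdrEnrollmentPrereqs -EdrHost $EdrHost | Format-List
```

Run it from an elevated PowerShell prompt on the affected client. FipsEnabled = True points at step 1, Port443Open = False at step 2, and a CertSAN that does not contain the name or IP the client connects to, or CertTrusted = False, points at the certificate articles referenced in step 3.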