Symantec Endpoint Protection (SEP) clients and Symantec Endpoint Protection Manager (SEPM) are in dark network and content is updated for Virus and Spyware protection only through JDB file on the SEPM.
You Notice that exceptions set in the Exceptions policy are not being honored during the scans.

Below is seen in the WPP logs:

[04/04/2024-10:36:53.494] 0CAC : 34F0 : ERROR : AtpiEim : AtpiEim_x64_SEP_HrUtils.h(72) : asr::SefFeatureImpl::Initialize : m_spSymPlatformMain->IsPlatformRunning() is false 
[04/04/2024-10:36:53.494] 0CAC : 34F0 : WARN  : AtpiEim : SEFFeatureHelper.cpp(155) : SEP::CSEFFeatureHelperImpl::GetAndInitializeFeature : Failed to initialize the SEF feature [exceptions], hr = [0x80070015(ERROR_NOT_READY)]
[04/04/2024-10:36:53.494] 0CAC : 34F0 : ERROR : AtpiEim : AtpiEim_x64_SEP_HrUtils.h(67) : asr::SefFeatureImpl::GetConfiguration : spFeature is nullptr 
[04/04/2024-10:36:53.494] 0CAC : 34F0 : ERROR : AtpiEim : AtpiEim_x64_SEP_HrUtils.h(52) : asr::bump_service::BumperImpl::BumpChannel : hr failed with 0x80004003(E_POINTER)

Supported Windows OS.

SEP 14.3x

The issue is caused by missing content in SymPlatformDefs folder. Side effect of this is that speng64.dll is not loaded in SepScanService.
The SEF exceptions engines is loaded as part of this DLL so it is also missing from the picture. When AVHostPlugin.dll checks for exceptions, it sends an IPC to SEF but this call fails because the other side is not listening.

Update SEPM/SEP with SymPlatformDefs (Symantec Endpoint Foundation) definitions for the exceptions to work properly.

JDB file or Intelligent Updater is not published for this content.
For dark networks, Live Update Administrator can be implemented in DMZ to download the definitions and provide to SEPM or SEP clients directly.