After the Symantec Endpoint Detection and Response Appliance license has expired, several functions are disabled. Once the license file is updated, there are several actions that need to be done to restore the appliance back to its full function.

Once the license is updated on the SEDR Appliance, you will need to check or re-enable the following settings:

Global:

• All Synapse entries are disabled. You will need to uncheck each of these entries, and recheck them.
• The SEPM Database connections are disabled, you will need Edit each entry and check the box for Enabled.
  Note: The SEPM DB entries will disappear when the license is expired. You may need to refresh and clear any browser cache to see them after the license is updated.
• Targeted Attack Analytics may need the SEP license uploaded. When the SEDR license expires, the appliances stops being able to communicate with the TAA telemetry servers.

Appliance:

• The Network scanning function must be manually re-enabled when the license file is updated. You will need to edit each Scanner and turn Scanning back on.

Data Sharing:

• Each of the OAuth tokens should automatically re-enable. Always review each settings to verify Healthy status.