When Symantec Endpoint Protection Manager Server Activity logs show "Error: Request Authentication", with no other explanation, there will also be paired with this error a "Suspicious Activity" alert email generated using the IP / Host Name of the SEPM server only.
Below is an Example of the Alert Email generated by the Symantec Endpoint Protection Manager Server :
Subject: Security alert for SEPMSERVER
Server name: SEPMSERVER
Server IP: 192.168.XXX.XXX
Security alert: suspicious activity from 192.168.XXX.XXX was detected on Symantec Endpoint Protection
Manager SEPMSERVER. Check the log files for details.
This is caused by missing session information while performing actions in the SEPM.
This is a known defect with Symantec Endpoint Protection Management Server versions 14.3 RU2, 14.3 RU3 and 14.3 RU4.
This issue is fixed in Symantec Endpoint Protection (SEP) 184.108.40.206 (RU5). For information on how to obtain the latest build of SEP, see Download Symantec software, tools, and patches.