Status page of SEP (Symantec Endpoint Protection) Mac client interface displays "Virus and Spyware Protection is Disabled" and OS is logging "invalid signature" errors to system.log for various Symantec kext (kernel extension) files. The issue persists, even after a successful download of new virus definitions via LiveUpdate or clicking "Fix" in SEP client interface.
The kext files may be corrupt, from various causes.
Code signature errors may be exposed by beta versions of the Mac OS.
Erroneous symbolic links (if present) in the kext folder will prevent auto-protect from loading. These links are likely to have been introduced by a customized installation procedure, e.g. a script that modifies the SEP client after installation.
Code signature errors in beta versions of Mac OS may be worked around by disabling the "rootless" feature (AKA System Integrity Protection or SIP). Symantec does not recommend this for any extended period of time, and SEP code signing will be addressed in future versions to address this issue. To toggle "rootless": reboot and hold down command-R to enter recovery console, run Utilities->Terminal, run "csrutil disable" (or "csrutil enable"), and reboot
Other file/folder corruption causes may be resolved by uninstalling and reinstalling the SEP product, directly from a proper souce. For example, it is not advisable to unzip an installation package on a Windows (or other OS) and then copy the files to a Mac; it is best to copy any zipped installation package directly to the Mac before unzipping, otherwise subtle file permission errors may be introduced to the installation.
Other workarounds may include manually replacing the contents of the affected kext folder(s) from a working system.