In addition to manual approval, you can also set an automatic approval rule for definition updates and Endpoint Protection updates.
This is done by configuring automatic deployment rules.
Before you begin to create automatic deployment rules, make sure that you have configured Configuration Manager software updates.
Possible issues 1) Client firewalls 2) Old or corrupted virus definitions prevent Symantec Endpoint Protection Manager to update with new downloaded virus definitions Read this article from Symantec: Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions
page=content&id=TECH104721&locale=en_US MSPs: Endpoint security isn’t enough to prevent ransomware.
There is nothing in the event logs that tells me if there are any issues with the product. They are running version 11 the reason Live Update us greyed out, is because the Client AV Protection was installed as a "Managed Client" on the PC or Workstation instead of an Unmanaged Client.
Therefore the live updates are centrally downloaded by the End Point Protection Manager and pushed out to the clients.For more information about the Create Automatic Deployment Rule Wizard, see Operations and Maintenance for Software Updates in Configuration Manager.If you use WSUS to keep your antimalware definitions up to date, you can configure it to auto-approve definition updates.Endpoint Protection definition updates must be approved and downloaded to the WSUS server before they are offered to clients that request the list of available updates.Clients connect to the WSUS server to check for applicable updates and then request the latest approved definition updates.If you want to take advantage of this feature, download the Windows Mixed Reality PC Check to see if your system can handle it.