Hi,
I have Symantec Endpoint Protection Manager installed and have 3 ESXi hosts that maintain my VM environment. Each of these hosts have SVA installed and all are running. Shared Insight Cache has been configured and for my VM guests on the same Active Directory domain as the SEP Manager, I'm not having any issues seeing those clients, scans running, files caching, content updating, etc.
However, I have multiple domains to manage with SEP. Within my VM environment, there are multiple domains that house VM guest machines (servers). I have installed the EPSEC driver to all the servers (regardless of AD domain) successfully. In vShield I can see on the Endpoint tab for each ESXi host that all servers (regardless of domain) are being shown as 100% normal and protected VM's. The problem I'm experiencing is that SEP Manager is not discovering the VM assets that live on another AD domain. I've looked through our firewall logs and it appears that these clients are attempting to connect to the IP address of my SEP Manager server, but are being blocked.
The primary reason we chose the Symantec route for AV was for the Shared Insight Cached features and the ability to bypass any firewall communication requests because that traffic should be routing through vShield (for our virtual hosts) and communicating to the SEP manager through that avenue.
Any information or suggestions would be greatly appreciated.