With local authentication enabled, if the DHCP Enforcer appliance loses its connections with the Symantec Endpoint Protection Manager, the DHCP Enforcer appliance then authenticates clients locally. In this case, the Integrated Enforcer considers the client a valid user and therefore only checks the client's host integrity status.
If the DHCP Enforcer appliance does not lose its connection to the Symantec Endpoint Protection Manager, it continues to ask the Symantec Endpoint Protection Manager to verify the client's UID. This process continues whether or not local authentication is enabled or disabled on the management server.
This setting is disabled by default.