Hello,
What version of SEP 11.x are you carrying??
Did you check the Client machines if the issue is really existing on the client machines or not??
There was a issue which was resolved in the SEP 11.0.RU7 MP1
Check this:
http://www.symantec.com/docs/TECH103087
IPS status and numbers are incorrect in reporting
Fix ID: 2240928/2376877
Symptom: In some areas of Symantec Endpoint Protection Manager reporting, IPS signature data is inconsistent or incorrect. Affected areas include:
- Home > Security Status > More Details > Intrusion Prevention Signature Update Failures
- Reports > Quick Reports, where Report type = "Computer Status" and Select a report = "Intrusion Prevention Signature Distribution"
Solution: The Symantec Endpoint Protection Manager queries were modified to show the correct IPS client data.
Hope that helps!!