Sorry for the long delay in response. Please see this Symantec KB for definitions.
SNAC Agent States Defined
Quarantine: The SNAC agent has not meet the authentication requirements and the SNAC Enforcer appliance has blocked/quarantined this system from access to the production network.
Allowed: This state can occur when the Enforcer not connected to the SNAC management server while still operating in Enforcement mode on the network. Host Integrity (HI) rules are still being enforced but user/host level authentication is unavailable due to the off-line SNAC management server. Agents in the ALLOWED state have passed HI checks only.
Approved: The SNAC agent has passed both the HI check, as well as user/host level authentication. The SNAC Enforcer is in Enforcement mode and is connected/communicating with the SNAC management server.
- http://www.symantec.com/business/support/index?page=content&id=HOWTO45743
Best,
Thomas