I did a week's worth of troubleshooting and Googling and have found some tips that finally helped me get the SVAs I created to show up in Monitors->Security Virtual Appliance, and for the clients to display something other than "Unknown" in the Security Virtual Appliance column.
I am using the following versions of software for our SVA environment:
- Symantec_Endpoint_Protection_12.1.5_Security_Virtual_Appliance_ML.ova
- VMware-vShield-Manager-5.5.4-2673026.ova
- VMware vCenter 6.0 and vSphere 6.0
Where possible, put the SVAs on the same subnet as the SEP manager server. If you don't, you may run into the same issue I did. No SVAs were showing up in SEP Manager, under Security Virtual Appliances and the clients were showing as unknown in the Security Virtual Appliance column. With some assistance from our network switch SME, we found that there were 2 NICs on each SVA that were being used. Moreover, both NICs had default gateways setup. Using the link below, I was able to modify the /etc/sysconfig/network-scripts/ifcfg-eth1 file and remove the default gateway for the private vmservice-vshield-pg network interface (ETH1). Once removed, and network service restarted, I could see the SVAs and clients could communicate with the SVAs.
http://www.mattlestock.com/2015/02/symantec-endpoint-protection-sva-network-connectivity-issues/
-“For whatever reason, the appliance is configured for the default route of the private vmservice-vshield-pg network instead of the specified Network in the config file.”
-"This is only going to be an issue in the event that your SEP SVA is on a different network than your SEP Manager Server."
Also, I haven't seen it explicitly stated in the setup documentation, but DON'T upgrade VMware tools on the SVAs. Also, DON'T change the port that the SVAs use to communicate with the SEP manager server from 8014 to 80, as suggested in a non-Symantec forum posting. By default, the SVA will communicate utilizing port 8014. There is no need to change it...when I did make the change in the exported sylink policy file, the SVAs would not communicate.
Hope this helps someone else.