I have just recently built a new sccm 2012 instance , with new site code and moved all the clients across , Clients are all appearing with the correct site code and are successfully getting the correct antimalware policies applied from the new server on the SCEP instance that was installed from the previous sccm server.
The problem is the new server is showing the clients as no endpoint protection enabled.
Basically the clients are not reporting there endpoint status to the new server, however are reporting there client status.
I was able to resolve the issue easily enough by uninstalling endpoint and reinstalling it again, but as there are over 700 devices this is not ideal,
I have also tried deleting registry.pol..no luck here