You are seeing expected behavior. A reboot is mandatory for new installs and upgrades.
Thanks for the answer vimalnavis,I know that a reboot is sometimes needed after installing or upgrading a McAfee product but the problem is that we cannot force a reboot after upgrading and we are loosing all DLP events until coputers have rebooted. If DLP agent stored events and after rebooting sent them to ePO it would be almost fine but these events have been lost forever and there will always be a gap between upgrade and reboot.
Anyway, if this is as designed there's nothing more that can be done, that's for sure.
Just another question: as we are only logging activity and evidences (not blocking at this moment so we cannot check wether the rules are applying or not)) would the DLP policies apply to computers between upgrading and rebooting the computers?
DLPe policy is enforced only after the computer is rebooted, a user logs in and the McAfee Agent receive a policy from ePO.
Which is one of many reasons why a mandatory reboot is very important.