The Endpoint agent during an upgrade of the agent to 126.96.36.199 will show a reboot required message with a red slash through the machine in the machine's tab and also when opening the machine itself in the UI:
Due to known upgrade issues with the NetWitness Endpoint agent moving to 4.3 from a prior version, the kernel driver error 0x20010007 code is detected, which informs the UI that the agent needs a reboot in order to enable correct functionality of the kernel driver on the agent endpoint, otherwise full functionality will be impaired when tracking data, scanning, or using containment features or blocking.
To resolve this issue, the agent must first be rebooted.
Go to the agent in the UI during a window frame when it will not disrupt normal business operations on the endpoint in question and right-click the machine in the Machines tab go to Advanced>Reboot
When the popup box asking if you wish to reboot the agent appears, select Yes
Go to a command prompt and run ping -t <ip_of_rebooted_machine> to check for when the machine goes offline which may take some time and when it starts pinging again
Open the UI again and check the state of the machine. It may still show a red icon indicating it is not rebooted: