If I had to guess, given that the SEP client goes online then goes offline, that it can't verify the signature to authenticate communication.
Verify this by enabling Sylink debug logging:
How to enable Sylink Debugging for Symantec Endpoint Protection in the registry
http://www.symantec.com/docs/TECH104758
If you see "Signature verification FAILED for Index File Content" there, I'd have a look at this:
Signature verification FAILED for Index File Content - Clients are green in the SEPM, but show offline.
http://www.symantec.com/docs/TECH93740
What version of the software are you using?
sandra