check the NTP logs, there could have been attack hence the traffic from that machine is blocked for 10 minutes.
If you feel the traffic should be allowed, go to the Firewall policy ---> Protection and stealth settings--> uncheck 'Automatically block an attacker's IP address'
In the SEPM you can crate a firewall rule to block an attacker address or you can increase the default time limit 10 minutes.
By default attacker IP address is blocked for 10 minutes. You can maximize this time through policies. Set it to maximum.
I don't see any concern to create exception for single IP address becauase attackers are smart enough they will start with new IP address.
Machine is receiving an attack means there must be some loophole in the system.
Patch the system with all the system updates. Use all the SEP features i.e AV/AS, PTP & NTP with latest definitions.
Check this article:
http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=23179
Check this Link for all the Updates which needs to be installed.
http://www.securityfocus.com/bid/31874/solution
you can check this forums.
https://www-secure.symantec.com/connect/forums/constant-traffic-ip-address-xxxxxxxx-blocked-message-popping-out-1
https://www-secure.symantec.com/connect/forums/constant-traffic-ip-address-xxxxxxxx-blocked-message-popping-out
http://www.symantec.com/connect/forums/block-ip-0