The SEPM needs to be installed only if you wish to manage the SEP clients centrally. As far as Unmanaged clients are concerned the installation of SEPM is not required.
There are 3 features of endpoint. Antivirus & Antispyware , Pro active Threat Protection, and Network Threat Protection. The AV/AS feature is self explanatory, the PTP is a real time protection from threats by monitoring their behavior, and the NTP feature is similar to that of a Firewall and it can block both incoming and outgoing traffic. The NTP feature needs to be tested thoroughly in a TEST environment before its implemented on a Production environment. For the time being start with installing only the AV/AS and then the PTP and lastly the NTP this would help us narrow down on the issue.