Hi Meredith,
Please let me know the SEP ver you are using.
Are these systems reporting to the SEPM console?
To disable the NTP and PTP there are 2 ways as per my knowledge:
1) uncheck the "enable" policy for Firewall and IPS.
2) Upgrade the your sepm console to the latest ver SEP MR4 MP2. (if it is old version)
Once console is upgraded, Select Install packages Tab and add a new installation package.
While creating the installation package Select the new version SEP MR4 MP2 and installation component select only Antivirus and Antispyware.
By this all the clients will get upgraded to latest version and as well it will be installed with only AV/AS.
This works best on your LAN. But takes more time for the systems located at different location.