HI,

Check this artical

Duplicate Hardware IDs result in only one client showing up in the Symantec Endpoint Protection Manager for multiple systems

 In version 12.1 of the SEPM, the location for adjusting the setting to delete clients which have not connected for X number of days has moved:

1. In the SEPM, go to the Admin page.
2. Select Domains.
3. Under Tasks, select Edit Domain Properties.
4. In the Edit Domain Properties window, on the default General tab, note the option to "Delete clients that have not connected for specified time."

https://www-secure.symantec.com/connect/articles/duplicate-sep-clients-appear-symantec-endpoint-protection-manager-console

Were you using an image?

Try this

1. Stop SMC on both of the affected client computers by clicking Start > Run, type smc -stop then click OK.
2. On the SEPM console, delete the client entry that the two computers have been sharing. This will prevent the client duplication that would otherwise occur due to the following steps.
3. On each of the affected computers, go to registry location: 
   • HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylink
4. Clear the value for "Hardware ID." (make it blank)
5. Disable Tamper Protection if you are unable to edit the value.
6. On each of the affected computers, navigate to the following directory location:
   • SEP 11 Location:  
     • C:\Program Files\Common Files\Symantec Shared\HWID
   • SEP 12.1 Location: 
     • Windows XP/2003: C:\Documents and Settings\All Users\Application Data\Symantec\Persisted Data
     • Windows Vista/7/2008: C:\Program Data\Symantec\Symantec Endpoint Protection\Persisted Data
7. Find file "sephwid.xml". Rename it to "sephwid.xml.bak".
8. Start SMC on each computer by clicking Start > Run, type smc -start then click OK.
9. Check the SEPM console for the new SEP client 
   • When the clients check in they should have unique hardware IDs.

Yeah, this can happen due to removing/reinstalling SEP sometimes.

SEP Clients identify themselves to the SEPM using what's called a Hardware ID, which is a SEP Specific ID code.  If the reinstall results in a new Hardware ID being generated, then a new client record will be created in the SEPM.

The redundant entries in the SEPM's records will eventually drop off after 30 days by default.

#EDIT#

Regarding the results of your report.  Is it possible that the client was reinstalled mulitple times within the last 30days in quick succession?

Typically, SEP install packages contain a set of defs.  It sounds to me like SEP was installed (with August defs), it reported in and created a record on the SEPM, and something caused a change in the Hardware ID (reinstalled perhaps?) generating yet another client record, but leaving the old record with a recent check-in time (but old defs).

Some recommendations for imaging with SEP installed:

Configuring Symantec Endpoint Protection 11.x client for deployment as part of a drive image

http://www.symantec.com/docs/TECH102815

How to prepare a Symantec Endpoint Protection 12.1 client for cloning

http://www.symantec.com/docs/HOWTO54706