Hi Check this forums.
https://www-secure.symantec.com/connect/forums/block-network-client-when-any-virus-attack-do-not-broadcast-virus-network#comment-6959581
SEPM is not a Protection features. Its a management utility. So it's not possible with even SNAC.
Any features is included in the SEP for protection.
For protection against any type of exploit; customer should have NTP & IPS feature installed.
Question - Let Suppose one client is infected from virus and SEP client detect it due to some reasons its do not delete and broadcast that virus on network so i want block the network of that client from broadcasting through SEPM can its possible..??
--> The best way is to isolate the computer from the network to ensure that the threat is not spreading/infecting the other computers on the network
If you know the threat characteristic and it's infection vectors you may apply firewall rules/Implement best practices to block certain ports involved, disabling auto play,disabling shares etc.
One other way is to move the affected client to a temp group and implement high security policy... like allowing only required ports and protocols, and with ADC policy to prevent infection through Autorun.inf, network scanning enabled, Bloodhound set to high level, etc.,
With all being said, the best way is to isolate the computer from the network and ensure complete remedidation before connecting it back to the network