When on-access is disbaled, the SEP client will not scan for trojans, worms and keyloggers.
Nowadays, the term "virus" is seldomly used. Or is rather used as a generic term.
A virus per-say, as defined, will automatically "replicate itself" thus modifying a file or folder. It is inherant in it's nature and by definition is it's signature, differentiating it from Trojans, Worms and Keyloggers.
* * * * * * * *
By removing on-access, SEP will not scan a word document, excel document for example, for malicious code hidden in Macros. These will generally be used to exploit vulnerabilities in the OS, allowing an attacker to gain control of or part of the system and spread. Worms and trojans.
Again, these types of files replicate across network and modify files/folders.
On modification will trip the "alarm" and SEP will suppress the threat it knows about to the best of it's capabilities, once the threat tries to compromise the system.
What will actually be missed? To answer the original question, is very little or nothing.
The danger in removing "on-access" is that you are becomig "Reactive" as opposed to being "Proactive".
The advantage is lower overhead when accessing system and network ressources...