Endpoint Protection

In the IE of your clients create an exception for 10.20.201.xx2

i have checked IE proxy setting.
i also define IP SEP's server  in exceptions.

all traffic in HTTP communication to the server SEP does not pass through the proxy. (then the IE proxy settings work well)
But only this SMC secars.dll passes through the proxy.

:-(

the strange thing is that even if I remove IE using proxy server.
SMC / secars.dll always passes through the proxy.

I think there is a setting in the SEP to determine whether to use a proxy, but do not know where it is

Do you tried by restarting smc service in the clients?

yes

in my log proxy, have 100log for any Computer by hours :-(

The smc service which communicates with secars.dll uses the IE settings for the system account.  Sometimes when you migrate from older versions of Internet Explorer, the proxy settings get migrated incorrectly and applied to the system account.  Essentially you have to remove the proxy settings on the system account.  Symantec has a couple documents on this. 

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009082701244448

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008100811312148

Many thanks in the first link you posted I found a great explanation

Steps to edit the SYSTEM account proxy settings through using a Scheduled Task:

• • Click Start > Run
    Type cmd and click OK
    Type in this the following command and press Enter:
    
    at 12:00 /INTERACTIVE "C:\Program Files\Internet Explorer\iexplore.exe"
    
    You should receive a confirmation stating "added a new job..."
    
    Navigate to the Control Panel and open Scheduled Tasks
    Right-click the new task just created in the previous step (probably named "At1") and click Run.
    This will open an Internet Explorer window that will now be running under the SYSTEM account.
    Go to the Tools menu and select Internet Options
    Select the Connections tab and click the LAN Settings button.
    Uncheck Use a proxy server for your LAN
    Click OK twice
    Click Start > Run
    Type SMC -stop and click OK.
    The Symantec Endpoint Protection icon should disappear from the system tray.
    Click Start > Run
    Type in SMC -start and click OK.
    

my only problem is that I must perform this procedure on each computer.
Do you know any automatic setting? maybe by GPO?

If you're managing your current proxy settings via GPO, if you simply delete the registry keys from the second document and reboot, your users's proxy settings will get restored while removing the system account's proxy settings.  Deletion of these keys could be easily scripted, but you should test this first obviously.