By default, Network Threat Protection is enabled. You may want to disable Network Threat Protection on selected computers. For example, you might need to install a patch on the client computers that would otherwise force the firewall to block the installation.
If you disable Network Threat Protection, it is automatically enabled when the following happens:
The user shuts down and restarts the client computer.
The client location changes from server control to client control.
You configured the client to enable protection after a certain period of time.
A new security policy that enable protection is downloaded to the client.
Threat protection from the Symantec Endpoint Protection Manager?
How to disable Client Network Threat protection from the Symantec Endpoint Protection Manager
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007111211492548