SEP 12.1 will protect local clients only, it has many features to do that including firewall, IPS, SONAR, and Download Insight.
You may want to look at Advanced Threat Protection: Network:
https://www.symantec.com/content/dam/symantec/docs/data-sheets/advanced-threat-protection-network-en.pdf
What you really need to look at is a network IPS.
SEP for SharePoint is also available but as you've said, won't work. SEP wouldn't scan it until it hit the disk.