You should get familiar with SEP technologies, here are they:
Auto Protect:
Auto-Protect is the first line of defense against threats by providing real-time protection for your computer. Whenever you access, copy, save, move, open or close a file, Auto-Protect scans the file to ensure that a threat has not attached itself. By default, it loads when you start your computer to guard against threats and security risks. It also monitors your computer for any activity that might indicate the presence of a threat or security risk. Auto-Protect can determine a file's type even when a threat changes the file's extension
Refernece: http://www.symantec.com/docs/TECH94990
If you disabled auto protect, it will by default disable Download Insight and SONAR. It's as good as NO AV.
Download Insight:
Advanced Download Protection (Download Insight) is a new advanced protection feature included with the SEP 12.1 client. This feature allows the SEP client to leverage Symantec's Cloud-based reputation database when files are downloaded or executed directly from popular Web browsers
Reference: http://www.symantec.com/docs/TECH171776
SONAR:
SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.
SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complement your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.
Reference: http://www.symantec.com/docs/HOWTO55254
Check this article as well: How the Insight Lookup process works
http://www.symantec.com/docs/TECH169282
Best bet can be to uninstall SEP from mission critical server drives & map them to perform full scan because you can't restrict SEP services o specific time stamp.