Hi Mark,
Its something we could consider, but I'm not sure how big the requirement would be in the SMB sector.
With SEPSBE, you can choose whether you want to install Network Threat Protection or not, I would certainly recommend you do install it, it doesn't cost any more and you can run the firewall component of it with an "open" ruleset if you wish (thats pretty much how it is out of the box anyway) the added feature though with Network Threat Protection is our IPS engine, which is now really doing so much more than just IPS, take a look at my article on Krypton here for more info:
https://www-secure.symantec.com/connect/articles/so-what-krypton-anyway
SEPSBE is really designed for those small customers who are still running SAVCE and want to up the ante in terms of protection, but still have something thats easy to manage and look after. By default the clients will check LiveUpdate once per day, but this can be easily changed using the LiveUpdate policy from the management server and the policy can be wrapped up into a client install without a problem.
SEPSBE at this moment in time does not include application or device control, customers wanting those sorts of features should stick with "SEP Enterprise" (current v.11). SEPSBE delivers easy install, easy management, easy reporting and notification and easy security to the small business customer.