Endpoint Protection

  • 1.  SEPM server design issue and Date issue

    Posted Jan 24, 2010 02:06 PM
    Dear all,
    1st issue:
    I want to create a SEPM server with a real IP address and allow clients in remote sites to communicate with this server via a public internet connection, to be managed by this server.
    (I'm thinking of creating a package from this server, then installing it on these clients so they will refer to the server, as it has a real IP. Is it applicable?)

    2nd issue:
    I have many PCs in my network whose date is not correct, especially the year: it may be 1970, 1998 or any random year. Sometimes with every restart the date decreases by a year. I'm afraid that it may be virus behaviour, as when Windows is updated for these clients the MS malicious removal tool detects a virus and the time and date are correct again (sorry, I didn't remember the name of the virus).
    Can anyone support me on this issue as well?



  • 2.  RE: SEPM server design issue and Date issue

    Posted Jan 24, 2010 04:26 PM
    I suppose that the server is inside your closed LAN, so you would have problems using this server on remote sites (unless you use a port other than 80 and route all traffic from that port to the SEPM).
    There is a solution, a much better solution, which is GUP (Group Update Provider).
    You can read about it here:

    Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)


    Another thing you might want to read:

    New features and functionality in Symantec Endpoint Protection Release Update 5 (SEP RU 5) Group Update Provider (GUP)

    About your other issue:
    What AV do you have on those stations?
    Are all stations connected to the internet? If it is not a virus, maybe they are not getting the time from your NTP server and you need to use Microsoft NTP servers (NTP = Network Time Protocol).

    Regards,
    Naor Penso



  • 3.  RE: SEPM server design issue and Date issue

    Posted Jan 24, 2010 04:40 PM
    Naor, I'm using SEP client RU5, all clients are connected to the internet, and all clients can get the time from my NTP server except the clients that I suspect may be infected.

    For the 1st issue, the big deal is not the bandwidth, which I think is the main concern for using GUP. What I'm looking for is to enforce policies for all remote clients and manage their status. So, as I said before, I will set up a new server, not in my local LAN, say in the DMZ, and I will give it a static real IP and allow the required ports for client-to-server communication through the firewall to this server?
    Again, is it applicable?


  • 4.  RE: SEPM server design issue and Date issue

    Posted Jan 24, 2010 07:46 PM
     
    "2nd issue:
    I have many PCs in my network whose date is not correct, especially the year: it may be 1970, 1998 or any random year. Sometimes with every restart the date decreases by a year. I'm afraid that it may be virus behaviour, as when Windows is updated for these clients the MS malicious removal tool detects a virus and the time and date are correct again (sorry, I didn't remember the name of the virus).
    Can anyone support me on this issue as well?"

    How often are you running scans on these computers? Are you noticing other behaviors that indicate you might be infected, such as not being able to visit the www.symantec.com site or unidentified computer processes?

    You might want to start with our 5 steps of virus troubleshooting guide:
    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/59ced4261979d3e78825725f007bfde5?OpenDocument

    Cheers
    Grant



  • 5.  RE: SEPM server design issue and Date issue
    Best Answer



  • 6.  RE: SEPM server design issue and Date issue

    Posted Jan 25, 2010 07:34 AM
    Thanks AravindKm, I think the KB article will solve the 1st issue. About the 2nd issue, could you please explain more about how to use these tools to determine whether the PCs are infected or not?


  • 7.  RE: SEPM server design issue and Date issue

    Posted Jan 25, 2010 07:50 AM
    With the help of these tools you have to find the suspected files on your PCs, submit them to Symantec, get the definitions for them, then scan and remove the virus. (First you can scan the PC in safe mode with the latest defs and see whether it finds anything.)
    You also have to consider the possibility of rootkits:
    Rootkit -- An Intruder Living in your Kernel

    This tool will also be helpful for you:
    The Load Point Diagnostic Utility to identify suspected threats