HI,
With regards on your concern, you shouldn't have to block access the default network shared folder of Altiris like the deployment, patch etc. because this network shares are configured to connect to your clients and access it whenever they need it like Patch Updates, OS deployment, Software Delivery, etc. Blocking it will cause to failure to deploy all your jobs and tasks.
Not sure if it can be possible to blocked it without affecting connections with your clients, but its a best practice and also its default settings.
Regards,
JM