I think you'll need Symantec to repond as to why they're using RC4. As you say, this should really be changed.
Regarding what it is however, the URL seems to suggest it's related to Quarantine submissions and Symantec's Digital Immune System, as indicated by its use in the Quarantine Server:
http://www.symantec.com/docs/TECH100449
Perhaps someone on the the internal host trued to submit a file to Symantec Security Response?