Hi,
from a first quick look on scm-server-0.log here's one significant error:
HTTP 401 Unauthorized, URL:
http://localhost/secars/secars.dll?action=34
It means that there are some custom restriction in IIS. The SEPM console is web-based.
I give you a test URL you can use in your browser for a standard IIS troubleshooting:
http://localhost:(port)/secars/secars.dll?hello,secars
where (port) is the port of the Symantec Web Sites installed in IIS if it is not the usual 80.
The above URL will fail with error 401 instead of "OK" and it is up to the Microsoft Support because, again, it is a standard IIS error code related to the custom restriction in place in the system.
Most of the times there are some issues with the anonymous user.
In this moment I don't have useful links for you in my hands because I am not in my office, sorry.
Regards,
PS: When you will get "OK" from the test URL, remember to start manually the Symantec Endpoint Protection Manager before test again the log on in the console!