Hi,
Ideally SEP should not block MS updates.You should use hostname instead of IP addresses.
Even Symantec does not use static IP for liveupdate servers.
Tamper Protection blocks this action on Symantec keys and processes as these are Symantec-protected resources. Users may have the impression that this is causing the Windows Update to fail, but it is not.
For further information, see the following article for information on related Windows Update difficulties:
InfoWorld article
http://support.microsoft.com/kb/914450
http://support.microsoft.com/kb/893249
Symantec Endpoint Protection: Tamper Protection appears to be blocking Windows Update
http://www.symantec.com/docs/TECH161109
Symantec Endpoint Protection 12.1: Blocked System Change Events produce unexpected messages
http://www.symantec.com/docs/TECH161646