"Thumbs up" to the advice, above.
A couple extra notes.... the SEPM comes with its own built-in JRE. There should be no need to manually install Java on the server.
Also: if you do have Java installed on any machine, please be aware of the recent vulnerabilities discovered in Java. Also be aware that patches are now available for Java, and Symantec offers protection against threats which exploit the vuln. It is a very good idea to upgrade that component and ensure that all SEP defs are up-to-date.
Additional Protection for Recent Java Zero-Day
https://www-secure.symantec.com/connect/blogs/additional-protection-recent-java-zero-day