Download Insight will still be involved, even for scheduled scans as it needs to check repuation of a file:
How Symantec Endpoint Protection uses reputation data to make decisions about files
Does Symantec Endpoint Protection 12.1 Always Use Reputation to Detect Malicious Files?
With the specific configuration that had been put in place, this is "working as designed."
- SEP 12.1 Auto-Protect does not use full reputation with every scan: it can use reputation to block malicious downloads as part of the optional "Download Insight" feature.
- SEP 12.1 scheduled/manual scans can use reputation, if configured to do so.
- Also, SEP 12.1 SONAR (TruScan/PTP) can use reputation as part of its defences.
Manual and Scheduled scans can use full internal (IRON) and cloud-based community/symantec Reputation information as part of their scans, when configured to do so. (When "Insight Lookup" is enabled, these scans use the latest definitions from the cloud and the Insight reputation database to make decisions about files. If you disable Insight lookups, Insight Lookup uses the latest definitions only to make decisions about files.) Some more information can be found in Customizing the virus and spyware scans that run on Windows computers