Hi Dave,
Just speaking in general terms: Symantec products are put through a comprehensive array of QA tests before being released, but are usually not tested on platforms that are not supported or not publicly available.
If Microsoft is dropping Windows 2000, then I would expect that future releases of SEP won't be tested/certified against Windows 2000. Releases that have been OK'ed against Win2K (like SEP 11 RU5) should still be supported, but if there's evidence that the root of any problem comes from the OS rather than the Symantec product I think you'll be out of luck. It'd be a good idea to start migrating away from Win2k to a platform that future releases of SEP will be certified on.
Some more info:
System Requirements for Symantec Endpoint Protection 11.0.5 and Symantec Network Access Control 11.0.5
Thanks and best regards,
Mick