The Host Integrity Policy - runs portions of SNAC but is not the full SNAC implementation. The Host Integrity Policies in the new 12.1 RU 5 client need that client to function it is not retroactive.
The SNAC components are being disassembled and absorbed into thier prosepective - Symantec offerings - SEP, SEE/WDE, DLP, e-mail, and CSP. The Network enforcer appliance would have been what you would need to scan and apply policy on a system that did not already have SEP on it.
The Host Integrity policy in SEP 12.1 RU5 can monitor the SEP client and report if it is working or not, it can force remediations to restart services, and reboot the system to remediate out of scope findings.
However, it does not actively scan for or install the client itself, as it needs pieces of 12.1 RU 5 to be on the system to run.
If you are looking for older clients or abandoned clients from previous versions you can run a SEP UNMANAGED DETECTOR for the subnets in your environment - I would think if it is for a large scale or multiple subnet building a NIC with a network SPAN or R_SPAN would do nicely.
The new Host Integrity policy can remeidate things like Windows Patches, VPN clients, Service Packs for the OS, install Adobe products. All of this is by utilizing scripts and, network shares, proper credentials to force the remediations.
This resolutions can be forced (no user interaction required), suggested (re-directed to a sandbox or URL), reported only (notification sent via email), or refused and the client terminates the process until fixed.