You need to create a rule so that it allows HTTP access for the port number used by symantec endpoint protection manager and clients
if installed on default website..it will be port number 80
if on custom most of the times it will be 8014
these ports should be open for the clients to communicate.
http://www.isaserver.org/tutorials/Configuring_ISA_Server_Interface_Settings.html
On the ISA 2006 Server, logon using an account that has ISA Server Administrator permissions.
2. Go to: Start > All Programs > Microsoft ISA Server Management.
3. In Microsoft Internet Security and Acceleration Server 2006 management console left hand side menu, expand the array name, and then click the Firewall Policy node.
4. In the right hand side click on Tasks tab. On the Tasks pane, click on Create Access Rule.
5. On Welcome to the New Access Rule Wizard page, type the name you wish to give to the Firewall Rule (e.g. Allow HTTP Traffic) in Access Rule name text box. Click on Next.
6. On Rule Action page, select the Allow option, and then click on Next.
7. On Protocols page, select the Selected protocols option from the This rule applies to list, and then click the Add.
8. In Add Protocols dialog box, expand Common Protocols folder. Highlight HTTP and click on Add. (Optionally, you may need to select HTTPS if secure communication port is being used for SEP Manager – SEP Client communication.) Click on Close. Click on Next on Protocols page.
9. On Access Rule Sources page, click on Add.
10. In Add Network Entities dialog box, expand Networks, highlight Internal and click on Add. Click on Close. Click on Next.
11. On Access Rule Destinations page, click on Add.
12. In Add Network Entities dialog box, expand Networks, highlight Internal and click on Add. Click on Close. Click on Next.
13. On User Sets page, make sure that All Users is already added and click on Next.
14. On Completing the New Access Rule Wizard page click on Finish.
15. Click on Apply to save changes and update the configuration on the main window.
Above mentioned method to create Firewall Rule takes care of HTTP traffic in most cases. However, for all the clients to get updated with the new rule, user may need to reboot the client computer(s) once.