We upgraded SEPM to 12.1 RU4a due to this security vulnerability http://www.symantec.com/docs/TECH214866
After doing so, however, every wan link we have (which is 10, 1.5mbps) is completely saturated. Each link averages from 4 to 10 symantec clients behind it. If I disable the SEPM service and the web server service, the links are fine. Everything has run perfectly for the last year until two days after this upgrade, with no other changes made. I do have a 2 min heartbeat interval in push mode, but as I stated it's been configured that way for the last year with no issues. I even tried changing the heart beat interval to pull mode every 15 min, let it sit for a few hours, but no change. I've contacted support and all they've said is to wait for the next release for SEPM, or try upgrading your clients to 12.1.4013 from 12.1.2015, which I've tried and hasn't helped. Does anyone have any recommendations on how to resolve this? I simply can't even run SEPM without totally bogging down our network.