Channel: Symantec Connect - Products - Articles

Trace SMB Double Pulsar Attack Source Machines


Users may occasionally report a Symantec Endpoint Protection client tray-icon notification of the form "[SID: <signature ID>] Attack: SMB Double Pulsar ...". The number after SID is the Intrusion Prevention signature ID of the rule that fired, not a process ID. The notification text matches the log entries quoted under Option 2 below.

First, there is no need to panic: the notification means the Intrusion Prevention component of Symantec Endpoint Protection has already blocked the attempt, so the reporting machine is protected. IPS blocking is a mitigation rather than a fix, so confirm that the reporting machine also has the MS17-010 update installed.

Second, trace the source of the attack. The primary suspect is another machine on the network that is scanning for or exploiting the SMB vulnerability; either the SEPM monitor summary or the SEPM logs will identify it.

Option 1. SEPM Console GUI : Monitors → Summary (Tab) → Network and Host Exploit Mitigation (drop down) → Top Sources of Attack (frame)

Option 2. SEPM Logs : Monitors → Logs (Tab) → Log Type 'Network and Host Exploit Mitigation' → Log Content 'Attack' → View Log (Button)
                Export the log to a spreadsheet and filter the column 'Event Description' on these two values:

[SID: <signature ID>] Attack: SMB Double Pulsar Ping attack blocked. Traffic has been blocked for this application: SYSTEM
[SID: <signature ID>] OS Attack: Microsoft SMB MS17-010 Disclosure Attempt attack blocked. Traffic has been blocked for this application: SYSTEM

Then list the unique values of 'Remote Host IP': each one is a machine that sent the blocked SMB traffic and needs to be investigated. Check the traffic direction as well: for an outbound entry the reporting client itself sent the traffic and is the machine to clean.

Third, clean the source machines. Disconnect each one from the network, install SEP if it is not present, update to the latest definitions and run a full scan; the scan may require a restart. Because the machine was sending MS17-010 exploit traffic, also install the MS17-010 update on it before reconnecting it, and disable SMBv1 where it is not needed.
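The filtering in step 2, Option 2, done in code rather than in a spreadsheet, as an added example that is not from the original article or from Symantec. It assumes the CSV export uses the column headers 'Event Description', 'Local Host IP', 'Remote Host IP' and 'Traffic Direction' (adjust the constants to your own export); the sample export is constructed and the SID value in it is a placeholder, not a real signature ID. It goes one step beyond the article by also handling outbound entries, where the SEP client itself is the source of the traffic.

```python
import csv
import io
import re
from collections import Counter, defaultdict

# Assumed column headers of a SEPM "Network and Host Exploit Mitigation" Attack
# log exported to CSV. Adjust these to the headers in your own export.
COL_DESC = "Event Description"
COL_REMOTE = "Remote Host IP"
COL_LOCAL = "Local Host IP"
COL_DIRECTION = "Traffic Direction"

# The two event descriptions the article filters on. The "[SID: n]" prefix
# carries the IPS signature ID and is stripped before matching.
SIGNATURES = {
    "DoublePulsar ping": re.compile(
        r"Attack: SMB Double Pulsar Ping attack blocked"),
    "MS17-010 disclosure": re.compile(
        r"OS Attack: Microsoft SMB MS17-010 Disclosure Attempt attack blocked"),
}


def classify(description):
    """Return the signature label for an Event Description, or None if the
    entry is not one of the two SMB signatures."""
    body = re.sub(r"^\[SID:\s*\d+\]\s*", "", description.strip())
    for label, pattern in SIGNATURES.items():
        if pattern.match(body):
            return label
    return None


def attack_sources(csv_text):
    """Aggregate blocked SMB events by the host that sent them.

    Returns {attacker_ip: {"events": int, "signatures": Counter, "targets": set}}.
    For inbound entries the attacker is the Remote Host IP (the article's
    rule). For outbound entries the SEP client itself generated the traffic,
    so the Local Host IP is recorded as the source and must be cleaned too."""
    sources = defaultdict(
        lambda: {"events": 0, "signatures": Counter(), "targets": set()})
    for row in csv.DictReader(io.StringIO(csv_text)):
        label = classify(row[COL_DESC])
        if label is None:
            continue  # some other IPS event; not part of this investigation
        if row.get(COL_DIRECTION, "Inbound").strip().lower() == "outbound":
            attacker, target = row[COL_LOCAL], row[COL_REMOTE]
        else:
            attacker, target = row[COL_REMOTE], row[COL_LOCAL]
        entry = sources[attacker]
        entry["events"] += 1
        entry["signatures"][label] += 1
        entry["targets"].add(target)
    return dict(sources)


def ranked(sources):
    """Order attackers by event count (desc), then IP, as a cleanup worklist."""
    return sorted(sources.items(), key=lambda kv: (-kv[1]["events"], kv[0]))


# Constructed sample export (not real data). "00000" stands in for the
# signature ID; the IPs are private-range placeholders.
SAMPLE_EXPORT = """Event Time,Event Description,Local Host IP,Remote Host IP,Traffic Direction
2017-05-15 09:01:12,"[SID: 00000] Attack: SMB Double Pulsar Ping attack blocked. Traffic has been blocked for this application: SYSTEM",10.0.1.20,10.0.1.77,Inbound
2017-05-15 09:01:15,"[SID: 00000] OS Attack: Microsoft SMB MS17-010 Disclosure Attempt attack blocked. Traffic has been blocked for this application: SYSTEM",10.0.1.21,10.0.1.77,Inbound
2017-05-15 09:02:40,"[SID: 00000] Attack: SMB Double Pulsar Ping attack blocked. Traffic has been blocked for this application: SYSTEM",10.0.1.20,10.0.1.77,Inbound
2017-05-15 09:03:05,"[SID: 00000] OS Attack: Microsoft SMB MS17-010 Disclosure Attempt attack blocked. Traffic has been blocked for this application: SYSTEM",10.0.1.20,10.0.2.5,Inbound
2017-05-15 09:03:30,"[SID: 00000] Attack: Constructed unrelated signature blocked. Traffic has been blocked for this application: SYSTEM",10.0.1.20,10.0.3.9,Inbound
2017-05-15 09:04:00,"[SID: 00000] Attack: SMB Double Pulsar Ping attack blocked. Traffic has been blocked for this application: SYSTEM",10.0.1.30,10.0.1.99,Outbound
"""

if __name__ == "__main__":
    for ip, info in ranked(attack_sources(SAMPLE_EXPORT)):
        print(f"{ip}: {info['events']} events, "
              f"{dict(info['signatures'])}, targets={sorted(info['targets'])}")
```

The worklist comes out with the noisiest scanner first; in the sample that is 10.0.1.77, followed by 10.0.1.30, which is listed because its entry is outbound and the client itself was doing the scanning.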

