Symantec Endpoint Encryption has the ability to manage each of the computers that check in with the server. There are cases where systems are no longer in the directory, and in these cases, they are automatically removed. There are other scenarios where systems may not be removed and stay in the database until the systems age to 1, 2 or 3 years without checking in--this can happen if you repurpose the machine, and give it a new name. The SEE Management Server will still manage these systems and there is an option to clean systems out if they haven't checked in for 1, 2, or 3 years. This Feature Request is to include the ability to have more granular control to delete machines in the SEE Management Server.
Symantec Endpoint Encryption 11.4 and above have new functionality that will allow you to delete computers individually.
There is also some archive functionality. For more information on this, see the following KB:
195857 - Symantec Endpoint Encryption Database Maintenance - Cleanup old machines and client data
EPG-22856
ISFR-1674/EPG-24116
ISFR-1675/EPG-24117
ISFR-1574/EPG-22610