When installing an unmanaged SEP for Macintosh client (versions 12.1 RU4 or newer), there is no option to install with the "Network Threat Protection" feature removed or permanently disabled. This is by design since an unmanaged installation is meant to provide the end user with full control of the client settings.
Note that the "Network Threat Protection" settings label in the SEP for Macintosh client GUI is misleading. NTP policy has no effect on SEP for Macintosh. The only firewall feature available for the Macintosh is Intrusion Prevention (IPS).
Due to the complexity of some client deployments, support has identified a work-around that can be used to implement an unmanaged Mac client that will have IPS permanently disabled. This involves installing a managed client with a specific policies and then converting it to an unmanaged client.
How to make your clients unmanaged with IPS disabled.
Now the client is running as unmanaged and the NTP/IPS features are locked and disabled.