In a hierarchy, does each child Symantec Management Platform (SMP) server require its own MDM (Modern MacOS Management) server, or do we just configure one for the parent? 

ITMS 8.6 RU2 and later

MDM and the Symantec Management Agent (SMA or Sym Agent) work together even if the same Mac device is managed by a "Child SMA" and "Parent MDM", but in such scenario the same Mac device may consume a license on Child NS (by SMA) and one more license on the Parent NS (by MDM). So, 2 licenses will be consumed for the same device in one environment.

MDM Servers can only be connected to one SMP.  If multiple SMPs exist where you need to have MDM functionality, multiple MDM Servers will be required.

Broadcom's recommendations are:

- If Mac devices will be managed via MDM only (without installing the  SMA), then it is better to manage them by Parent NS only.
- If Mac devices have SMA installed from Child NS, then it is better to manage those devices via MDM server installed on the same Child NS. All management of MDM needs to be performed from this Child NS.  Move Macs to one SMP.
- Alternatively, another option would be to migrate Mac agents up to the Parent, and have the MDM server configured to the Parent.