Verified cert bound to SSL port in IIS was present on the windows 2003 server. It was installed via the computer account to the trusted root.
We were still seeing errors regarding handshake failure. Investigating windows application and security logs showed errors regarding the operating system's Client Revocation List.
This list is updated by Microsoft, and since these servers were not connected to the internet, windows update could not update the list.
Agent disconnected from notification server
Please connect the windows 2003 boxes to the internet and allow windows updates, or install the patch hosted by Microsoft's technet:
All Symantec management platform versions including, but not limited to: 7.0, 7.1, 7.5