There should be entries of the blocking in the firewall log. You can check it here:
SEPM:
Monitors > Logs > Log type: Network Threat Protection > Log Content: Traffic
Set an appropriate time range.
SEP client:
View Logs > Network Threat Protectio/View Logs > Traffic Log
In both logs, you can see the name of the firewall rule which blocked the data packet. In the SEPM view, you have to highlight a row and click on the "Details" link to achieve this.
If there is nothing, you can change your firewall policy by enabling "write to traffic log" for every blocking rule.
Maybe a new SEP 12.1 default firewall rule is overzealous.