AV Software

While we have never deployed it in the exact way you need to, I would think VIPRE on premise would work.  The server would need Internet access to get definition updates which you can push out to the client computers.  https://www.vipre.com/products/business-protection/

In reading the requirements it appears that XP is no longer supported.  I would think Windows 2000 is also not supported.

most good AV softwares are capable of this. You create an update/repository server that gets updates from the internet and the clients connect to that update/repository server.

Sophos, ESET, McAfee etc. all have the facility but give it different names.

As already mentioned, your problem is going to be around Windows 2000 and XP. Is there anything that you can do to eliminate those operating systems from the environment? What are you even using now?

McAfee, Symantec, and many other vendors have on premise solutions that meet a lot of your needs (remember that you can do centralized operations). But that would of course require clients being installed on every machine. Long story short, I haven't seen a clientless AV for Windows, especially in your scenario. But then again, imagine the sheer computing power that would be required on the server end in order to make it work. Upside with this approach is that while you still have the issue with Windows XP and 2000, you do at least have automation for Windows 7 and 10.

Had all of the desktops been virtual, there are solutions you can consider looking at which may help your cause.

Instead of using an AV.  You may want to consider using program such as Deep Freeze.  

https://www.faronics.com/en-uk/products/deep-freeze/standard

Since the PCs are only used for printing and probably won't have any changes made to it.  Any changes or virus infection will be reverted to the original state on reboot.

Several questions:

1. What is this network used for?
2. What AV solution(s) is/are currently in place?
3. Is data brought in or taken out? (Since this isn't connected to the internet, this gets into the topic of whether you use media like flash or optical drives)
4. Can users store data on the PCs themselves?
5. How much access do users have on the machines? Namely, do they have admin rights on the Windows 7 and 10 systems? (I know this gets to be trickier with Windows 2000 and Windows XP)
6. Is connecting solely the server to the internet an option?

Thank you All for your contributions on this thread.  Our equipment on the network will simply have to update to Win7 or Win10 for us to have AV protection. Budget is a big restraint to getting the computers attached to the equipment update at this time.

If budget is an issue it's worth considering Windows' free AV, Defender. It can be updated via WSUS so you don't need to expose each PC to the internet. Not a bad AV scanner for the price.

https://www.microsoft.com/en-gb/windows/comprehensive-security