Just so you know, I got my answer from Symantec support. There is a lot of stuff you have to do or check that is not present in the SharePoint admin guide, so I'll share the check list I got from them:
1. NetBackup client version 7.0 installed on all servers in the SharePoint farm, even SQL backend.
2. The NetBackup cilent service is being started by a domain account
3. the domain account in step 2 has the following privileges and permissions:
a. "Replace a process level token" and "Debug programs" (administrator tools - Local security policy - Local policies - User rights assignment) for all servers in the SharePoint farm, backend SQL included.
b. Local administrator rights on all servers in the SharePoint farm.
c. Withing SharePoint central administrator, the domain account is specified as a SharePoint administrator (Operations - Security configuration - update farm administrator's group)
d. The system administrator role on the SQL server for SharePoint databases (in SQL - Security - roles - sysadmin - add the domain account)
4. .Net Framework 3.5 at minimum
5. Dont forget to make all the changes in the master server attributes and the client attributes as specified in the SharePoint admin guide.
6. In the policy, the client selection is a front end web server for the SharePoint portal. The backup selection for your first policy should be: "Microsoft SharePoint Resources:\"
If you want to use GRT, you have to make that policy first and run a backup (its an object level backup just as Sharepoint might perform by himself) without the "Enable Granular Recovery" check box ticked. Then you activate GRT and add 'AllWebs" to the backup selection.
Hope this could help others!