That is most likely the new IQAgent feature added in 30.7-ish. The IQAgent process is the phone-home mechanism that is used with the new cloud service ExtremeCloud IQ (XIQ). It is enabled by default and will globally enable some features which are needed for XIQ operation. However, This shouldn't be a security issue unless you've also configured SNMPv1v2c community strings (all XIQ SNMP traffic is tunneled internally from the cloud, hence the 127.0.0.1). SNTP is also enabled in this process as well.
If you want this to stop, simply disable the IQAgent (note this will also disable DHCP on the mgmt VLAN if enabled):