You're just adding a "new" SEPM into an existing site at that point. Just make sure you leave enough time for the clients to pick up and swap over to the other SEPM at each point, and you should be fine.Įssentially, after step 2, you're in the same state as if you were just running a Single SEPM site with an off-box DB. The certs are stored in the DB, which is why copying these is not invovled in setting up an additional SEPM in the first place (). Install SEPM1 as additional server to existing site (maintaining same SEP version).Log onto SEPM2 and delete SEPM1 from the site (under ADMIN -> SERVERS in the SEPM console).
Obviously get everythin ready for a DR (backup of the keys, DB and everything is always recommended). This option is effective if having limited number of clients in the network.As you already have a load-balanced/failover setup, your process for upgrading the OS is grealy simplified. Install a new fresh SEPM, then use the Sylink.xml file to establish the communication between new SEPM and the existing SEP clients with the help of Sylink replacer tool. H) Once verified that all the clients are reporting into the new SEPM, and have moved away from the old one, proceed to the next step. G) Stop the "Symantec Endpoint Protection Manager" and "Symantec Embedded Database" service on MACHINE_1 to verify whether all client now report to the new SEPM on MACHINE_2 Note: Replication is an option, if you do replication and remove the old server that is the Primary SEPM, in future if you want to do replication you will not be able to do so.Ģ.Follow disaster recovery method & Create a new MSL.as per followingĪ) Follow "Best Practices for Disaster Recovery with Symantec Endpoint Protection" (see Related Articles below) to backup and reinstall SEPM on MACHINE_2Ĭ) Click Policies > Policy Components > Management Server Lists > Add Management Server Listĭ) Click Add> Priority and a new Priority would get added named as "Priority2"Į) Add MACHINE_1 under Priority 2 and add MACHINE_2 under Priority 1, and assign this New Management Server List to all the groups.į) Clients will then move from old SEPM to new one gradually
See "How to move Symantec Endpoint Protection Manager from one machine to another" Use replication to install a new SEPM and keep the policy the same with old SEPM. migrate symantec endpoint protection manager to cloud migrate symantec endpoint protection manager to new server move symantec endpoint protection manager. If the new SEPM server has a different IP and host name, there are two alternatives:ġ.
0 kommentar(er)
