Determining how many sites you need
A majority of small and medium-sized organizations need only a single site to centrally manage network security. Since each site has only one database, all data is centrally located.
Even a large organization with a single geographic location and fewer than 45-50,000 clients typically only needs one site. But for the organizations that are too complex to manage centrally, you should use a distributed management architecture with multiple sites.
You should consider multiple sites for any of the following factors:
A large number of clients.
The number of geographical locations and the type of communications links between them.
The number of functional divisions or administrative groups.
The number of datacenters. A best practice is to set up one Symantec Endpoint Protection site for each datacenter.
How frequently you want to update the content.
How much client log data you need to retain, how long you need to retain it, and where it should be stored.
A slow WAN link between two physical locations. If you set up a second site with its own management server, you can minimize the client-server traffic over that slow link.
Any miscellaneous corporate management and IT security management considerations that are unique.
Use the following size guidelines to decide how many sites to install:
Install as few sites as possible, up to a maximum of 20 sites.
Connect up to 10 management servers to a database.
Connect up to 50,000 clients to a management server.
After you add a site, you should duplicate site information across multiple sites by replication. Replication is the process of sharing information between databases to ensure that the content is consistent.
Table: Multi-site designs displays the multi-site designs you can choose from.
Table: Multi-site designs
Each site performs replication bi-directionally for groups and policies, but not logs and content. To view the site reports, you use the console to connect to a management server in the remote site.
Use this design when you do not need immediate access to remote site data.
All logs are forwarded from the other sites to a central site.
Use this design when you require centralized reporting.
Each site has multiple management server installations and database clustering. You can configure client computers to automatically switch to an alternative management server if the primary management server becomes unavailable.
Use this design to provide redundancy, failover, and disaster recovery.
See Setting up failover and load balancing.
Do not add sites to handle additional clients. Instead, you can install two or more management servers and use the management server list.
See How replication works.