Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

add new site

Migration User

Migration UserDec 04, 2013 09:22 AM

many tank for all reply.

  • 1.  add new site

    Posted Dec 04, 2013 03:23 AM

    dear all

    I have one site (default Local Site) and 500 client and 2 SEPM.

    I decide to convert second SEPM to new site.

    What I do for this?

    If I install new site, client for this server connect automatically connect to new site???



  • 2.  RE: add new site



  • 3.  RE: add new site

    Posted Dec 04, 2013 03:33 AM

    tanks RahulG .

    but i need install  CONVERT one of SEPM to new site ( in now two SEPM are in ONE Site).

    For some of client SEPM1 is management server and for other SEPM2. I need SEPM2 exit from site 1 and be SITE2. But whit no client side effect.

     



  • 4.  RE: add new site

    Posted Dec 04, 2013 03:37 AM

    Check this you can use replication method

    How to move Symantec Endpoint Protection Manager 12.1 from one machine to another

     

    Article:TECH171767  |  Created: 2011-10-13  |  Updated: 2012-07-10  |  Article URL http://www.symantec.com/docs/TECH171767

     



  • 5.  RE: add new site

    Broadcom Employee
    Posted Dec 04, 2013 03:55 AM

    you need to configure the management server list and apply to the group, so that clients can reach to the suggested SEPM's.



  • 6.  RE: add new site

    Posted Dec 04, 2013 04:09 AM

    Sooooo, here's what should happen...

    As you currently have a Load-Balanced Site (i.e. Multiple SEPMs connected to the same DB), the default Management Server List for the site will automatically tell the clients to assign the SEPMs with an even priority.  This means that if you uninstall and delete a SEPM from the site, then all the clients will automatically connect to the other one.

    The thing to be aware of is that readding the second SEPM as a replication partner will not restore this behaviour.  As a separate site (with it's own DB and everything), the second SEPM will get added onto the default Management Server List with a lower priority (or higher priority weighting number, however you want to word it).  The difference in priority means that all clients will use the SEPM in the old site first, and only switch to the new site if the old SEPM become unavailable.

    You could always create a custom MSL to give both sites' SEPMs the same priority again, but this is not recommended.

    Is this what you want?  Perhaps you could provide a bit more info on your requirements as replication is not right for everyone.  In fact, Symantec recommend keeping the number of SEP sites to the minimum required:

    http://www.symantec.com/docs/TECH92051



  • 7.  RE: add new site

    Broadcom Employee
    Posted Dec 04, 2013 06:20 AM

    Hi,

    Thank you for posting in Symantec community.

    After you moved SEPM to another site you need to keep failover/loadbalancing or replication between these two sites?

    Or you want to keep them completely two independent SEPM's?



  • 8.  RE: add new site

    Posted Dec 04, 2013 08:44 AM

    hello again

    I have one site in two datacenter for 2 years. Each datacenter has SEPM but SQL is in datacenter1.

    By symantec recomand for site , now I decide to  implement a new site for Datacenter 2 whit SEPM +SQL.

    i want use existin SEPM in Datacenter 2 as SEPM for new site. (each site only have 1 SEPM)each Datacenter should has own SEPM and SQL, ok.

    what happened for client on datacenter 2 after move SEPM2 to new site? clint try to connect to old SEPM or automaticaly connect to new site (Same Old SEMP but  in new Site - i will not change IP or Name)?

    also i need replication beetwin two site.

     

     



  • 9.  RE: add new site

    Posted Dec 04, 2013 08:46 AM

    what happened for client on datacenter 2 after move SEPM2 to new site? clint try to connect to old SEPM or automaticaly connect to new site (Same Old SEMP but in new Site - i will not change IP or Name)?

    Sep client update your new SEPM server.

    Check this articles more help you.

    https://www-secure.symantec.com/connect/articles/hot-move-sepm-one-server-another-server



  • 10.  RE: add new site

    Posted Dec 04, 2013 08:51 AM

    As per my earlier post, all your clients will default to the old SEPM at first.

    After replication is setup and running however, you can then start assigning Management Server Lists (whether the new default MSL for the new site or a custom one) to get your clients talking to their closst SEPM.  These assignments can be done by group or even by location.



  • 11.  RE: add new site

    Posted Dec 04, 2013 09:07 AM

    Hi, 

    Migrate the clients to one SEPM, by doing SEPM replication and after all clients relected on required SEPM change the msl of the groups and after this remove the other SEPM.

     Regards

    Ajin



  • 12.  RE: add new site

    Broadcom Employee
    Posted Dec 04, 2013 09:17 AM

    Scenario 1

    When you move the existing SEPM in Datacenter 2 as SEPM for new site.

    Clients will not be able to connect to the New SEPM as the certificates would change.

     

    Scenario 2

    When you move the existing SEPM in Datacenter 2 as SEPM for new site.

    Ensure the new SEPM has the same domain ID, Server certificate and encryption key. clients will then be able to communicate with the new SEPM.

     

    Scenario 3

    When you move the existing SEPM in Datacenter 2 as SEPM for new site. 

    During new SEPM installation you can ADD it as a replication partner to existing site. once replication is successfull and all the ednpoints recive the new policy. Point the clients that were reporting to SEPM2 to this new replication partner.

     

    hope this helps



  • 13.  RE: add new site

    Posted Dec 04, 2013 09:22 AM

    many tank for all reply.