Endpoint Protection

We need to reinstall the SEPM manager installed as a Replication site.

The infrastructure is :

SEPM_1 - First installed server on site - SQL database on another server SQL_1

SEPM_2 - Second server installed as additional site for replication - SQL database on another server SQL_2

Both sites has been replicating and each manager administers hundreds of clients in each country.

The SQL Database backup is ONLY the DB on the first server - SQL_1, there is no backup of the replication site server.

Re-Installing the SEP Manager on SEPM_2 as a additional site of the SEPM_1 and replicating the database across the WAN channel is enough ??

Or Do I need the disaster recovery information, certificate files and database backup, to rebuild the communication between clients and SEPM ??

Thanks in advance

Backing up the database
Before you upgrade, you should back up the database.

To back up the database

• 1. Click Start > Programs > Symantec Endpoint Protection Manager > Database Back Up and Restore.
  2. In the Database Backup and Restore dialog box, click Back Up.
  3. When asked "Are you sure you want to back up the database?" click Yes.
  4. When you see the message "The database has been backed up successfully," click OK.
  5. In the Database Backup and Restore dialog box, click Exit.

Disabling replication
If your site uses replication, you must disable replication before upgrading Symantec Endpoint Protection Manager. You must disable replication at each site that replicates.

To disable replication
• 1. Log-on to the Symantec Endpoint Protection Manager Console.
  2. Click the Admin tab, then Click the blue Servers tab at the bottoms of the pane
  3. On the Servers tab, in the left pane, expand Local Site, and then expand Replication Partners.
  4. For each site that is listed under Replication Partners, right-click the site, and then click Delete.
  5. In the Delete Partner prompt, click Yes.
  6. Log-off the console, and repeat this procedure at all sites that replicate data.

Stopping the Symantec Endpoint Protection Manager service
Before you upgrade, you must manually stop the Symantec Endpoint Protection Manager service on every management server in your site. After you upgrade, the service is started automatically.

 

WARNING: You must stop the Symantec Endpoint Protection Manager service before you perform this procedure or you will corrupt your existing installation of Symantec Endpoint Protection Manager.
 

To stop the Symantec Endpoint Protection service

1. Click Start > Settings > Control Panel > Administrative Tools.
2. Double Click Services to launch the Services MMC snap-in.
3. In the Services window, under Name, scroll to and right-click Symantec Endpoint Protection Manager.
4. Click Stop.
5. Close the Services window.
   • Warning: Close the Services window or your upgrade may fail.
6. Repeat this procedure for all Symantec Endpoint Protection Manager

http://www.symantec.com/business/support/index?page=content&id=TECH160736

http://www.symantec.com/business/support/index?page=content&id=TECH102333

you should have DR steps followed before doing any changes.

what is the SEPM version?

check these articles for SEP DR steps

SEP 11 – Disaster recovery

http://www.symantec.com/business/support/index?page=content&id=TECH102333

SEP 12- Disaster recovery

http://www.symantec.com/docs/TECH160736

The server SEPM_2 is offline and there is no local backup. The only backup is the original first site server that is runnig and the database is working.

The SEP version is 12.1.671.

Do I need the local backup  and disaster recovery ??

The original replication site should store all the site information..  isn't It ??

the first site will have information about the other SEPM based on checks you have enabled for replication, like log, content & packages.

by default groups, policies are replicated.

What about the communications between the SEPM replicated and clients ?? 

Are the certificates restored to the new SEPM from the remote database with the replication, or are needed the .JKS files with the restore certificates process ??

from SEP 12.1 onwards it is stored, please find this information

The recovery file includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. After you install the management server, copy the compressed recovery file to another computer. By default, the file is located in the following directory:

Drive:\\Program Files\Symantec\ Symantec Endpoint Protection Manager\Server Private Key Backup\recovery_timestamp.zip

■ The recovery file only stores the default domain ID; IDs for all domains (including the default domain) are stored in the database. If you have multiple domains and will be performing a disaster recovery without a database backup, you must re-add additional domains and their IDs after the SEPM is re-installed. See step 3 for instructions on backing up additional domain IDs.

■ If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest file.