If this is better to be posted on the SEPM forums, feel free to move it there.
We're running backup exec 2014 and SEP 12.1 and the SEPM/SEP files are generating daily incremental backup data of roughly 10 gigs. The following folders contain the majority of the backup data that is being included in those incrementals:
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Inetpub\Content (about 3 gigs)
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db (about 3 gigs)
C:\ProgramData\Symantec\Definitions (about 3 gigs again)
C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.xxxxx\Data\Definitions\VirusDefs\
Of these, I know that the db folder will need to be backed up, however all 3 of the other directories appear to contain virus definitions/virus definition deltas. If I were to exclude the other folders from backup and we were to enter a disaster recovery situation where I did a full restore of the system, from SEPM and SEP's point of view, these files would appear to have just been mysteriously deleted. How would SEPM and SEP react to this? Would they just go out an re-download the appropriate files or would this simply fubar my SEPM and SEP installations?
Related articles I was able to find:
http://www.symantec.com/connect/forums/what-sep-filesfolders-exclude-during-backup
This article indicates to just entirely exclude the SEP directories from backup (and certain other shared symantec files), which would functionally delete all of SEP's files and potentially some shared files used by other applications. This seems like a horrifyingly terrible idea, as you'd have uninstalled all of the application files while leaving all of the registry entries intact. Windows would still attempt to start SEP on startup, but wouldn't even be able to find the executable. I don't know if SEPM would be able to start, as it may be missing symantec shareed files it needs. A reinstall would probably fix SEP, but I have no clue how SEPM would react or the backup exec agent installed on the server. SEPM might have to be reinstalled as well, which might not go nearly as well as most of it's files would still be present on the system. Would a reinstall of SEP and SEPM work? Would my SEPM database still be usable, or under this solution would I be better off to just exclude all of the SEPM files as well and deal with the potential database loss. If I did the reinstall, would my existing clients be able to re-attach themselves to the SEPM server or would I have to also go through and redeploy SEP to all of the clients?
https://www-secure.symantec.com/connect/forums/symantec-definition-files-causing-large-incremental-images-shadowprotect
This isn't related to backup exec and is specific to SEP(M) 11.x rather than 12.1, but seems to be functionally the same issue. Unfortunately, it doesn't actually list files that could be excluded it simply links to another article about disk space management... which also doesn't list files that are safe to delete/exclude, simply procedures to reduce the number of backup deltas and compress the database. Neither of these is actually applicable.