Endpoint Protection

 View Only
  • 1.  Impect on SEPM server and client

    Posted Oct 05, 2010 03:38 AM

    Dear Experts,

     

    I need your suggestions for changing IP address on SEPM server.

    Due to my Data Centre migration we face issues from network so required to change ip address of all the servers.

    As per requirement we need to change the ip address of SEPM server also.

    I have doubt on communication of server and client if i changed ip address only not name (Name will be same as it is, change will made with only ipaddress, Subnet, Getway and DNS ).

    Please help me to resolve this issue and idea how i can do this without any impact.  And please tell me what impact can occure.

     

     

    Regard's

    Jack Sperow



  • 2.  RE: Impect on SEPM server and client

    Posted Oct 05, 2010 03:47 AM

    Follow the Recommended procedure in the below KB's

     

    The SEP clients find the management server by looking in management server list they are configured to use.  By default when you install the SEP Manager it creates a default management server list that contains the IP address of the manager and it's name.  If you just change the address of the server SEPM will update this list but don’t just run and change it. 

    You can create your own management server list and have the clients use it instead.  If you were to create a new Management server list with only the name of the management server it would force the clients to resolve the IP address of the management server from dns or NetBIOS and all should be well as long as you change DNS when you change the IP on the server. 

    Another idea would be to create a new Management Server List with the IP address and name just like the default list but then add the new IP address that you will be changing the server to.  This way the clients will first try the old address, the new address, and then the name.

    After you create the management server list under policies -> Policy Components you need to tell the clients to use the new list.  For this under the clients section select the group containing the clients and select communication settings under the policy tab at the top.  Select your management server list from the drop down.   It’s much easier then it sounds.

    For more info

    https://www-secure.symantec.com/connect/forums/recommended-procedure-sepm-manager-ip-address-change#comment-1712391



  • 3.  RE: Impect on SEPM server and client

    Broadcom Employee


  • 4.  RE: Impect on SEPM server and client

    Posted Oct 05, 2010 03:48 AM

     

    How do I move Symantec Endpoint Protection Manager from one server to another with a different IP address and host name?

    http://service1.symantec.com/support/ent-security.nsf/docid/2008031204405448



  • 5.  RE: Impect on SEPM server and client

    Posted Oct 05, 2010 03:49 AM

    Change of IP can cause communication issues.It is not recommendable to change the IP address of SEPM.Anyway you can do a try as follows.But remember it fails you have to reconfigure the SEPM and has to replace sylink file in all PCs for connecting back to SEPM.Also keep a backup before any change you make.

    Create and assign a Management server list to all groups which contains  the name and new IP address of SEPM.This KB can help you in this

    Creating and assigning a management server list for a Symantec Endpoint Protection Manager

    Assure that this policy is received by all clients .Then change the IP address of the SEPM and observe...



  • 6.  RE: Impect on SEPM server and client

    Posted Oct 08, 2010 03:11 AM

    Hi Arvind,

     

    Thanks to u..

    1) i need one suggestion from u.. if i change ip of my server and change sylink.xml from all the client. Will it work or not.

    2) If i prepair anoter server and add it to managment server as replication partner, then after 2-3 days i shut my main server down. Will u suggest it and please reason y we can not do this.

    Regard's

    Jack Sperow



  • 7.  RE: Impect on SEPM server and client

    Posted Oct 08, 2010 03:20 AM

    1) i need one suggestion from u.. if i change ip of my server and change sylink.xml from all the client. Will it work or not.

    ---It will work.But after changing the IP first assure that your SEPM is working properly.Some times it may require a reconfiguration.After this you can export sylink file and replace in the clients...

    2) If i prepair anoter server and add it to managment server as replication partner, then after 2-3 days i shut my main server down. Will u suggest it and please reason y we can not do this.

     

    --You mean you will create another server with new IP and add it as a replication partner to this site you will move all the clients to new server?If yes it will work.The disadvantage of this method is If you remove the first site you will not be able to create a replication partner in future if required...



  • 8.  RE: Impect on SEPM server and client

    Posted Oct 08, 2010 05:00 AM

    Dear Arvind,

     

    Need ur final suggestion how i can do resolve this issue. Cus i have lack of time.. and without any reason i have to finish this part.

    I have 180 client system only, using 11.0 MR 6, recently upgrade from MR 5.

    Regard's

    Ankit Gelda



  • 9.  RE: Impect on SEPM server and client

    Posted Oct 08, 2010 05:08 AM

    follow this document; put your new IP and New; 

    this will update the sylink file of all your clients

    once moved these will still communicate, 

     

    Creating and assigning a management server list for a Symantec Endpoint Protection Manager

    http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/e2ac3b646ae21969882573c20063533f?OpenDocument



  • 10.  RE: Impect on SEPM server and client

    Posted Oct 08, 2010 05:31 AM

    Take a backup

    Create new msl and apply to the clients(refer earlier posts)

    Wait for all clients receiving new policy

    Change the IP  of server and observe....