Hi Guys,
Last week we had a major issue with our SPEM Servers.
I won't get you into all the story, but i can tell that seems the current Internal location Awarness policy we had is not good enough.
Today we are using with 1 condition that has two rules:
1. Client can cmmunicate with SEPM Mangament Servers.
2. DNS lookup for one of our addresses.
I can tell that the problem was that main SEPM server got into freeze mode, and from some reason till we shut it down completely, the clients did not start communicate with the other SEPM server we have.
The problem cause to clients get into external mode, since they tried to communicate with the main SEPM server, and did not get any response, therefore they got into external mode, which prevent from them to get into some share in the network, or even print.
I would like to get from you guys, any ideas for the most secured Internal policy you are using.
I do not want to use an IP address or an hostname case as far as I understand they can be spoofed.
If you have any ideas- I will be gald to hear them.
Thanks,
Dor