Endpoint Encryption

Hello,

I would like to know if anyone can give me some details about how I can upgrade SEE 7.0.5 on all our computer to SEE 11.0. I know that I will first need to upgrade the SEE Management Server and has to be running on a Windows Server 2008 64 bit and up (which I have). But on the laptops will I have to decrypt the drives and then run the latest Management Agent and Drive Encryption or can I just run the latest install without decrypting the drives? Our machines are running Windows 7 64 bit SP1. I want to make this install as painless as possible to my users.

Thanks,

Have you taken a look at the below article?

http://www.symantec.com/docs/HOWTO101709

Essentially it walks you through the Management Server upgrade but says nothing about the clients other than that the v11 SEEMS support communications and management of earlier clients.  I get the impression the idea is that as you won't have to change anything on the client machines, you should be able to avoid decrypting them.

Unfortunately, your specific version of SEE is not on the list of supported older clients according to the below article:

http://www.symantec.com/docs/TECH153772

With no documented guidance on if SEE7.0.5 clients can be directly upgraded to v11 software, I can only see 2 options for you:

1. Give it a go on a test machine and hope for the best
2. Upgrade to an older SEE version that is supported for management by the v11 SEEMS, and that allows in-place upgrades without decryption

Option 2 would be safest (and supported) way forward.  Just FYI, to support this, take a look at the below article about upgrading machines to the v8.*.* client software:

http://www.symantec.com/docs/TECH193044

SEE v11 does not have a direct upgrade path for clients at this time.  An upgrade path from version 8.2.1 to v11 should be in our next major release.  It will not include a direct upgrade path from 7.x as far as I know.  

The clients will need to be decrypted, and then the new version will have to be installed if you choose SEE v11.  If you were to upgrade to 8.2.1 instead of 11, there is an upgrade path.  Then when v11 releases an upgrade path from 8.2.1, you could upgrade them if desired.  That process is here:
http://www.symantec.com/docs/TECH164395

Does version 11.0.1 include a direct upgrade for clients from 8.2.1 MP2 and 8.2.1 MP11 to version 11?

If so, is there any documentation of necessary command line parameters anywhere?  Any special options that need to be selected when creating the client install files?

Thanks in advance.

Unfortunately it does not.  A direct 8.x to 11.x client upgrade path is currently still in the works.  When it is released, it should work on any 8.x clients.  It was originally slated to be in the 11.0.1 release, but was not ready for release within the required time constraints.

Thank you for that information Mike.  Have a great day!

Mike - one more question if I may.

Is there any way to have computers running the old client report to the server running version 11?

Thanks in advance - I really appreciate your assistance.

Happy Hump Day!!

You can upgrade the management server components from 8.x to version 11, or set up a new management server using the same database.  You should be able to then view the data through either console.

8.x clients should continue to check in correctly to a server that is updated to version 11.  New clients could then be deployed using version 11.