Video Screencast Help

Management server for clients

Created: 06 Aug 2012 • Updated: 06 Aug 2012 | 13 comments

Hi. I am going to preface this by stating that this is probably a stupid and obvious question. The admin who usually handles this is out on sick leave and I am filling in. We use SEPM 11.0.63. We have a main SEPM server here and then at each of our field sites (approx 80) we have a SEPM server. My understanding is that the clients at each site are supposed to get their updates from the local SEPM server and not from the server here at our central location. When I open the SEPM console on a client and go to Help and Support - Troubleshooting - I see that the client is in the right client group but the server is the SEPM here and not the one at its site. That doesn't seem right. Also, if I go to the Management Server Lists I only see the one management server - again the SEPM server here. I'm asking because my field techs are confused and our infrastructure network team is complaining about workstations hogging bandwidth trying to contact the SEPM server. Any clarification/education/understanding you can throw my way would be appreciated. I've been reading/researching all morning and I am cross-eyed. Thanks.

Comments 13 CommentsJump to latest comment

W007's picture

I think you Can Need Some knowledge Base Document to improve my Skill

https://www-secure.symantec.com/connect/forums/knowledge-base-document

 

Hello, Please check out the

 

Incase, if there are any Specific Articles you are looking for, please access the Symantec Public Knowledgebase on www.Symantec.com

Here is the URL to SymWise for Symantec Endpoint Protection version 11.x

http://www.symantec.com/business/support/index?page=landing&key=54619&version=54620&sort=recent

Here is the URL to SymWise for Symantec Endpoint Protection version 12.1

http://www.symantec.com/business/support/index?page=landing&key=54619&version=60464&sort=recent

Also, Check this:

https://www-secure.symantec.com/connect/articles/symwise-symantec-knowledgebase-and-support

 

Hope this helps ALL!!

 

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mithun Sanghavi's picture

Hello,

Is there a replication set between 2 SEPM servers?

In your case, it seems the client is reporting to a different SEPM server then the Local site SEPM server.

I would suggest you to check few things.

SEPM >> Clients TAB >> highlight the Group >> Click on Policies TAB (on the right pane) >> click on Communication settings and under Management Server List select the correct server, you want the clients within the group to report to.

Secondly, also make sure you have proper heartbeat interval set.

Hope that helps!! 

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

NJBird1427's picture

Thank you, Mithun. I followed your instructions (SEPM >> Clients TAB >> highlight the Group >> Click on Policies TAB (on the right pane) >> click on Communication settings and under Management Server List select the correct server, you want the clients within the group to report to.) and it is pointing to Default Management Server List for XYZ Co. That is the only option. Then, I check the properties of that Default Management Server List for XYZ Co and I only see the main/central SEPM server. Should I have multiple management server lists or should I see more servers in the default list? That is where I am confused.

Mithun Sanghavi's picture

Hello,

In that case, I believe it's not a Replication.

However, could you please let me know  -

SEPM >> Click on Admin >> Click Servers>> What do you see under servers?

Could you provide us a Screenshot?

If Replication is set you see more Management Server Lists.

Under the SEPM >> Policies >> Under Policy components >> highlight Management server List >> How many Management server List do you see and what are the priorites set?

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

NJBird1427's picture

Under Admin - Servers - I see two servers for the local site. Under Policies - Management Server Lists - I only see one list and that list only has one server listed. If I go to clients I see the Default group at the tob (below My Company) and then I see a group for each of our field sites where we have a server and clients. Are these GUPS? I really feel stupid with this. Seriously.

Mithun Sanghavi's picture

Hello,

well.. it's not a Replication then.

and No those are not GUP's, those are groups created to which all the clients are reporting to. Each of these groups have Policies applied.

Any Idea on how many SEPM's do you have on each server?

I believe you are mixing the term "Group" with "sites" which are both different.

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Cameron_W's picture

I really hope you don't actually have 80 SEPM's installed as that is going to be a nightmare to manage. How many clients total are you trying to manage? I assume you have a lot of smaller sites (80?), with this environment I would recommend having a GUP at each site that pulls down definitions from your SEPM so all of your clients are not trying to grab contect over the WAN.

Now if you do actually have 80 SEPM's your clients could be reporting to the wrong one if you used the install package from your original SEPM instead of building a new one from each individual SEPM, but honestly this is not the way I would recommend configuring your environment.

If I was able to help resolve your issue please mark my post as solution.

NJBird1427's picture

Here's an example. The SEPM server is here at the central location. We have a field site with a DC (Server A) that is configured as a GUP. I just verified that by right clicking on the server name in the client list and Group Update Provider is TRUE. So that makes this a GUP, right? Now, when I go to one of the managed clients at that site and open the SEP Troubleshooting console and look at Management. I see that the server is the SEPM server here at our central site. The client is in the correct group. If it is a managed client, should the Management server be the local GUP server or the central SEPM server? I hope that clarifies my question. I just want to verify that clients are using the right management server (local) and not going over the WAN to a remote server. My understanding is that clients get definition updates from the local server. Do they get anything from the main SEPM server?

Mithun Sanghavi's picture

Hello,

You could not identify a GUP by opening the SEP Troubleshooting console and looking at Management.

Under Management, it would show the IP address / host name of SEPM Server only.

Check this Articles to identify GUP.

Understanding and Identifying the different Group Update Provider (GUP) Options in SEP 11.0.5 RU5 and Later

http://www.symantec.com/docs/TECH139867

How can we check which content SEP 12.1 clients are downloading from GUP?

http://www.symantec.com/docs/TECH188574

SEP Content Distribution Monitor / GUP monitoring tool

http://www.symantec.com/business/support/index?page=content&id=TECH156558

GUP content monitoring tool ( Video)

https://www-secure.symantec.com/connect/videos/sep-content-distribution-monitor-introduction

and link to download the tool

https://www-secure.symantec.com/connect/downloads/sep-content-distribution-monitor

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

NJBird1427's picture

Two simple questions:

On a managed client, in Help and Support - Troubleshooting, what should I see for server? The local server that is managing the client or the main SEPM server?

How do I verify that a managed client is pointing to the correct server? I have looked at the sylink.xml files on several clients and they all show the main SEPM server.

If I can get the answers to these two questions I will go away.

Thanks for all the education links.

W007's picture

On a managed client, in Help and Support - Troubleshooting, what should I see for server? The local server that is managing the client or the main SEPM server?

It's pointing to Main SEPM Server...

How do I verify that a managed client is pointing to the correct server? I have looked at the sylink.xml files on several clients and they all show the main SEPM server.

You can check IP Address or Host name of main SEPM server.

(On a managed client, in Help and Support - Troubleshooting)

 

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

StephanK's picture

Hi,

I guess that your Site is setup according to the "best practice" which means you actually have ONE SEP-Manager (SEPM) and a GUP (Group Update Provider) for each Site.

When you look into Support-Troubleshooting the Clients will always show your SEPM, not the GUPs. GUPs wil lonly download the Updates for your clients from your SEPM and your Clients will use the GUP as Download-Source. think of it as a content-proxy. It really is not much more, just a "stupid" content-buffer.

All your clients WILL contact your SEPM for Reports and Information on the latest Updates. See the Links already provided to get more details aboput that.

So your Problem, basically, is some Clients downloading content directly from your SEPM?

There could be multiple Reasons for this.

As a start you could check:

1. Is your GUP alive?

2. Do you have free HDD space on yourt GUP?

3. Check the LiveUpdate Policy of that Group, are they supposed to use the GUP?