Endpoint Protection

 View Only

  • 1.  Managment server config question

    Posted Jun 25, 2009 02:28 PM
    I was looking to build some redundancy into my Endpoint security solution.

    Is there anyway to have the clients recieve updates in case the AV server goes down. I was thinking about having 2 AV servers with both contacting the internet for updates. The clients however would only be assioated with one server. In the event of a failure i could redirect them to the other server.   Whats the best way to do this?

    It's been a while since i looked into this but i thought the old solution (AV version 10.2) involved backing up the PKI files and/or changing the clients  .grc file to point to a differnet parent.   Otherwise you had to reinstall the whole client to point to a different managed server.   

    Thank you,

    Shane


  • 2.  RE: Managment server config question

    Posted Jun 25, 2009 02:28 PM
     


  • 3.  RE: Managment server config question

    Posted Jun 25, 2009 06:04 PM
    http://service1.symantec.com/support/ent-security.nsf/docid/2008032202341548

    Following that article to setup the replication server.  Once that is done and you have 2 SEPM servers on the network.
    Open up the SEPM on the primary server (original) and go to ADMIN in the SEP console.

    Under Admin, go down to Servers on the left side.
    Choose your site (local site- most likely) and below that "add existing replication partner" if yours is not already in the list of servers in the left pane.  If it, "edit site properties" and configure the order in which the clients will be reporting to the servers, in case one goes down the other will be communicated to.

    That should work.





  • 4.  RE: Managment server config question

    Posted Jun 25, 2009 06:29 PM
    You can test a LUA . it can act as the primary source of Live update and your sepm as secondary source . this way even if one fails or is down the other will bacl up . this is a lot easier than replication


  • 5.  RE: Managment server config question
    Best Answer

    Posted Jun 25, 2009 09:37 PM
    Actshane,

    Good eve.

    If your concern is only limited to providing live update to the clents, please allow me to suggest you to enable Group Update Provider (GUP). This is as simple as configuring a policy and assign it to a group.

    refer,
    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/184f7ebb04cd173480257363006d2beb?OpenDocument


    If this cannot fit in your needs,  I would recommand Fail-over and load balancing
    refer,
    http://seer.entsupport.symantec.com/docs/305180.htm


    I would not suggest replication unless you have multiple sites and huge number clients to be managed.



  • 6.  RE: Managment server config question

    Posted Jun 26, 2009 01:19 PM