follow the disaster recovery 

http://www.symantec.com/business/support/index?page=content&id=TECH102333

or 

How to move Symantec Endpoint Protection Manager from one machine to another

http://www.symantec.com/business/support/index?page=content&id=TECH104389

Hello,

Please Understand: 

The differences between 2003 Server and 2008 Server are major. In particular, the change from IIS 6 to IIS 7 introduces a very major overhaul in the way programs 'hook' into IIS. When the SEPM is installed with IIS 6, it is configured differently than it would be if it were installed with IIS 7. There is nothing in the server's migration process that accommodates these configuration differences.

Method 1:
 
1. Migrate your SEPM Console to the latest version of SEP.
 - Follow the following documentation. 
http://www.symantec.com/docs/TECH155655
 
2. Follow the steps in our documentation for Best Practices for Disaster Recovery:
 
Best Practices for Disaster Recovery with Symantec Endpoint Protection
http://www.symantec.com/docs/TECH102333
 
3. Move the disaster recovery files (the database backup and the keystore information) to a backed-up location.
4. Uninstall the SEPM.
5. Perform the migration to Windows 2008 Server.
6. Install the SEPM.
7. Perform the recovery steps in the Best Practices for Disaster Recovery documentation to restore the database from a backup and import the communication settings.
8. Clients should automatically begin checking into the SEPM Console if Step 7 is successful.
 
 
Method 2:
 
1. Export any policies that you would like to keep and save them in a backed-up location.
 - Right-click the policy in the main Policies tab and select Export Policy...
2. Make note of your current group structure
 - Expand all the groups in the main Clients tab and take a screenshot.
3. Uninstall the SEPM.
4. Perform the migration to Windows 2008 Server.
5. Install the SEPM.
6. Log into the SEPM and re-create the group structure in the main Clients tab and import the policies in the main Policies tab.
7. Download and run SylinkReplacer (https://www-secure.symantec.com/connect/downloads/sylinkreplacer-tool-connecting-sep-clients-sepm)

 - You can export a sylink.xml from the SEPM. In the Clients tab, right-click a group and select "Export communication settings". Rename the file it exports to "sylink.xml". 
8. Clients should automatically begin checking into the SEPM Console under their previous groups after SylinkReplacer is finished.

Both methods have their advantages/disadvantages... Method 1 requires a little more work on the front-end (before migration to Win2008) and will be more convenient when re-connecting clients. However, it is prone to failure and is therefore less reliable (although, worst case scenario is to revert to the second method). Method 2 requires very little pre-migration work and a little more work afterwards, but it's very reliable.
 

I have 2 SEPM consoles each with their own database and they do replicate.   I also would like to move from 2003 to 2008R2 on my servers.  I am running my servers on ESX so that may give me some options. Here was my plan which I think will work

1 upgrade the existing servers to 12 and get them replicating again

2 Install new SEPM servers on the new 2008R2 servers in each of my data centers and link them to the existing databases

3 export new packages for installs that point to the new servers and get them in my images and have server team start using them for new server installs.

4 Remove the old 2003 servers

Does that sound like it should work in my mind in seems like it should and be fairly painless.