Endpoint Protection

 View Only

  • 1.  Multiple SEP enviroments

    Posted Nov 26, 2012 12:20 PM

    We have two separate environments:

    1. SEP11  -           2 SEPM (one parent and one child)
    2. SEP12  -           2 SEPM (one parent and one child)

    We want to end up with only the SEP12 environment.

    We have still have clients on the SEP11 environment but are having issues migrating them as they are not on the domain and we don’t have passwords that we could use in conjunction with the sylink tool.

    So my thought on this was:-

    Upgrade the SEP11 servers to SEP12.1.2 then create them as child servers (Would I have to then add those servers to the management server list?)

    Once the clients have been incorporated to the SEP12 environment is it just a case of updating the management server list and they will then only report to the SEP12 servers we want them too?

    If they above is correct I should then be able to turn off the old SEP11 servers (which would have been upgraded) right?

    Any input would good, Hope this makes sense.

    Thanks

     



  • 2.  RE: Multiple SEP enviroments

    Posted Nov 26, 2012 12:34 PM

    Is replication being used in either case? This is where the management server list will come in play.

    You can upgrade the 11.x servers to 12.1.2 (no need to turn anything off, 12.1.2 will upgrade seamlessly over 11.x)

    Otherwise, once upgraded, you can setup all 4 to act as failover load balancing (if you don't want to use replication)

    How replication works

    https://www.symantec.com/business/support/index?page=content&id=HOWTO81035

     

     



  • 3.  RE: Multiple SEP enviroments

    Posted Nov 26, 2012 12:45 PM

    Adding the MSL would be the best option.



  • 4.  RE: Multiple SEP enviroments

    Broadcom Employee
    Posted Nov 26, 2012 12:57 PM

    certificates between SEPMs needs to be exchanged to set a MSL.



  • 5.  RE: Multiple SEP enviroments

    Posted Nov 26, 2012 02:34 PM

    The ultimate goal is to decomission the hardware that the SEP11 enviroment is running on and thats the reson for switching off (just too old).

    The SEP12.1 enviroment is HA/Fail-over and the SEP11 is replication, todate we have been using altirs to move (update the sylink) from the SEP11 to SEP12.1 and either doing autoupgrade or update via altiris (which has been working a treat). The issue is with the couple of hundred systems that we have no access to and no one seems to know about (althougth they show up live in the SEPM and respond to pings). This has lead me to the above thought process of upgrading the replication enviroment and then adding them to the new SEP12 enviroment.

    Whats the process of doing the certificates between the two enviroments?