Endpoint Protection

Hi all,

Assuming two sites A and B, each of them having six SEPMs with load balancing configuration within their own sites!

Now if I wish to replicate, I would add a SEPM1 from site B to be a replication partner for a SEPM1 in site A (which by itself means that the two sites are replicated. 

However, what if any of the SEPMs configured to be replication partners fails?

Considering the above scenario, if I wish to add SEPM2 of Site B as a replication partner to SEPM2 of Site A, will I be able to have this logically functioning as a "Failover" for the "replication" setup for these sites. 

Please note that the SEPM2 of both the sites are already configured as load balancing servers. I would like to know if the above could be establised?

If yes, how? please explain

If no, please explian the detailed reasons.

Can a SEPM which is already configured to be a failover/loadbalancing, be added as a replication partner?

Also, there is an option "replication management server list" when editing remote site's properties. What is the significance of that option and how relevant or different is it from the MSL Policies that are created under "Policies"?

Thank You in a advance!

Regards,

Elango M.

First of all are both these sites A & B installed as Standalone. If both the sites are installed as Standalone then you need to re-configure one of the site as Replication partner.

To configure replication between both these Sites during installation of Site A / B it needs to be installed as a replication partner to Site B / A.

If Replication is configured between both the sites. it would been seen automatically in Admin ----> Servers

It is also recommended not to have more than 5 SEPM connecting a single DB.

Replication will happen between the 1st SEPM of both the sites.

Only SEPM configured as Replication Partner can be added as replication partner

I don't know how far my information helps you.

How to move a replicating SEPM from one Server to another keeping the Settings

http://www.symantec.com/docs/TECH93784
 

In first case, if B1 fails, you can make B2 as the partner according to the document!

Keep Posted.

Good Luck!

Hi,

1) How many clients are you going to handle with 12 SEPM? In how many continents?

2) It seems you are using a lot of resources to have a full fail over architecture, are you sure you need it?
- If one or two SEPMs of 12 are off-line for some days, nobody will notice it hence you have a lot of time to restore a back up or fully replace the servers
- If one of the two DB is down, the other one will serve the clients but you need to restore asap the damaged one; focus on your backup and restore procedure
- if one of the two replication is down, everything works fine but there is no communication between the two sites; we recommend to replicate only once a day, hence nobody will miss a replication partner until the scheduled replication happens; if you accept one replication failure, you have more than 24 hours to restore a SEPM server and your systems are still fully protected

3) Note, replication partners can be set only at installation time, you cannot convert normal SEPMs to replication partners on-the-fly. To avoid this common mistake, the related option in the console is "add existing replication partner" and NOT "add new replication partner", this option is there because during some maintenance activities it is required to delete a replication (set at installation time) and add it again at the end of the activities.

So, in conclusion, it seems you want your SEP architecture always up and running like a nuclear plant but, frankly, you can introduce some hours of tolerance (having a SEPM or a DB down for some hours does not reduce at all the security in the clients), you need to reduce the complexity of your SEP architecture to reduce the maintenance and you must focus on your back up and restore procedures in order to rebuilt a machine in less than one hour which is possible for any company so big that requires 12 SEPMs.