Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Risk in IP changing for SEPM server

Created: 23 Oct 2012 • Updated: 24 Oct 2012 | 5 comments
This issue has been solved. See solution.

We are going to change the IP Address of Current Server. So is there any impact or Risk involve in this change?

Comments 5 CommentsJump to latest comment

rs_cert's picture

Which of the Server are you tallking, Sep Client/SEPM?

If you are talking about Sep Server then be sure that the Required Port for Client/Server Communication will be open. Test the same after changing with the help of Telnet Command.

There is not any risk involve in IP Changing.

Communication Ports does Symantec Endpoint Protection 11.0 use

http://www.symantec.com/business/support/index?page=content&id=TECH102416

If you have only one SEP Manager in your network, follow

http://www.symantec.com/docs/TECH98430

If you have more than one SEP Manager in your network and If you have replication configured on the SEPM Manager in which you need to change the IP address, follow

http://www.symantec.com/docs/TECH96090

Ashish-Sharma's picture

The SEP clients contact the SEPM using the IP address. So, as long as your client machines are able to contact the new server on the installation port and IP address of the server, the migration should be fine.

You’ll be happy to know this is fairly easy to accomplish. 

The SEP clients find the management server by looking in management server list they are configured to use.  By default when you install the SEP Manager it creates a default management server list that contains the IP address of the manager and it's name.  If you just change the address of the server SEPM will update this list but don’t just run and change it. 

You can create your own management server list and have the clients use it instead.  If you were to create a new Management server list with only the name of the management server it would force the clients to resolve the IP address of the management server from dns or NetBIOS and all should be well as long as you change DNS when you change the IP on the server. 

Another idea would be to create a new Management Server List with the IP address and name just like the default list but then add the new IP address that you will be changing the server to.  This way the clients will first try the old address, the new address, and then the name.

After you create the management server list under policies -> Policy Components you need to tell the clients to use the new list.  For this under the clients section select the group containing the clients and select communication settings under the policy tab at the top.  Select your management server list from the drop down.   It’s much easier then it sounds. 

Let me know if you need any other info. 

Reference: https://www-secure.symantec.com/connect/forums/recommended-procedure-sepm-manager-ip-address-change

https://www-secure.symantec.com/connect/forums/how-change-ip-address-sepm

SEPm 11

http://www.symantec.com/business/support/index?pag...

SEPM 12

http://www.symantec.com/business/support/index?pag...

Thanks In Advance

Ashish Sharma

Ariv's picture

Agree with above comments.

Add a new management server list with new IP address and use that on all the groups.

Also check this video,

https://www-secure.symantec.com/connect/videos/changing-sepm-server-name-and-ip-address