Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

SEP 12.1 (Disaster Recovery)

Migration User

Migration UserMay 27, 2014 05:21 AM

Thanks for the brief answer Beppe
Migration User

Migration UserMay 27, 2014 05:53 AM

Ok thanks for your response Rafeeq

  • 1.  SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:11 AM

    Hello Guys. when performing DR for SEPM with a SQL insance, taking the backup of DB through SEPM, backing up the recovery file and server certificate.

    Now when installing Fresh SEPM using recovery file with a SQL instance. Now when the new installation is complete restore the server certifcate and then just simply restore the DB backup through Backup and restore, will it work ? client will be connected and show online or do I need to make other changes as well ?

     

    The second option configure a new SEPM as a replication partner ( Both SEPM's should be on same version for it to work ). Once both SEPM's are fully replicated , then remove the old SEPM-1 and then use SEPM-2 for clients management.

     

    Waiting for your replies. Regards



  • 2.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:20 AM

    Symantec Endpoint Protection Manager database backup and restore explained

    Article:TECH183174 | Created: 2012-03-07 | Updated: 2012-07-28 | Article URL http://www.symantec.com/docs/TECH183174

    How to manage SEPM 12.1 database

    http://www.symantec.com/connect/articles/how-manage-sepm-121-database



  • 3.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:30 AM

    Thanks James for your reply , but my question was that particularly can we take Backup for SQL instance through SEPM or is it mandatory to take it only through SQL management studio ? 

    Secondlly once SEPM is installed using the recovery file simply restore the backup taken in the above step using the backup and restore tool and it will work ?

     

    Regards,



  • 4.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:32 AM

    Will the same process ( mentioned in above articles ) work for SQL as well ?



  • 5.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:32 AM

    It's depend on you what is the easy soluion for you

    For disaster recovery you can perform the steps as per attach article

    Symantec Endpoint Protection 12.1: Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager

    Article:TECH160736  |  Created: 2011-05-24  |  Updated: 2013-11-25  |  Article URL http://www.symantec.com/docs/TECH160736

    Moving the Symantec Endpoint Protection Manager from one computer to another without breaking client communications or losing data

    Article:TECH171767  |  Created: 2011-10-13  |  Updated: 2014-04-29  |  Article URL http://www.symantec.com/docs/TECH171767

     

    How to move Symantec Endpoint Protection Manager from one server to another server

    Article:TECH199292  |  Created: 2012-11-02  |  Updated: 2013-03-19  |  Article URL http://www.symantec.com/docs/TECH199292


  • 6.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:36 AM

    yes it's work you can test for test environment.

    How to move SEPM from one server to another server

    https://www-secure.symantec.com/connect/articles/how-move-sepm-one-server-another-server



  • 7.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:50 AM

    Thanks for your replies guys , one more thing I would like to ask is a number of clients are showing offline say 250 . Now is there any script that I can use to recycle the service on the clients through the SEPM console either via Active Directory , GPO or some other mechanism ?

    I dont want to run the smc-stop , smc -stop on each clients manually which are showing offline to recycle the service.

    Thanks and Regards



  • 8.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 02:55 AM

    See GJCronje comments

    https://www-secure.symantec.com/connect/forums/smc-keeps-stopping-0

     

    You have to run this to create a task for each server in a batch file like this, just change the path to SMC depending on SEP11 and 12

     

    SCHTASKS /Create /S Server01 /SC minute /MO 10 /RU SYSTEM /TN SMCStart /F /TR "'d:\program files\symantec\smc.exe' -start"

    SCHTASKS /Create /S Server02 /SC minute /MO 10 /RU SYSTEM /TN SMCStart /F /TR "'d:\program files\symantec\smc.exe' -start"

    SCHTASKS /Create /S Server03 /SC minute /MO 10 /RU SYSTEM /TN SMCStart /F /TR "'d:\program files\symantec\smc.exe' -start"



  • 9.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 03:41 AM

    Hello,

    SEP does not need to be integrated with such script.

    The clients refresh their status at every hearbeat.



  • 10.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 04:08 AM

    Beppe the problem is clients are showing offline and they are in a large number and I want to recycle their service through some centeralized way . I do not want to log into each machine separately and then run smc -stop , smc -start command to recycle the service.



  • 11.  RE: SEP 12.1 (Disaster Recovery)
    Best Answer

    Posted May 27, 2014 04:49 AM

    In a large network, it is normal the SEPM can't reflect the status of the clients at 100%, you need to accept it.

    If X clients are showing offline, again, it is not 100% correct but it should be so for most of them, hence triggering a service recycle for several/all clients to slightly increase that accuracy does not pay off the effort.

    Furthermore, if you recycle the service on several/all clients at once, this will trigger complete SEP-to-SEPM communication for all of them (download of new content and policies and upload of client logs) causing a spike of traffic and load on your SEPM, hence low performance, something nobody is looking for.

    For this reason, in big networks, SEP-to-SEPM communication must be set in pull mode and not in push mode, you are just going in the other direction with your idea of recycling the service. If you need more updated clients status just reduce the heartbeat interval (this will increase the load on the SEPM).

    Said in other words, you need to accept a trade-off between accuracy and performance with the hardware you have, you can't get all.



  • 12.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 05:21 AM

    Thanks for the brief answer Beppe 



  • 13.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 05:41 AM

    take backup from sepm or sql its all the same. you need to restore the DB, put back the cert thats it...

     



  • 14.  RE: SEP 12.1 (Disaster Recovery)

    Posted May 27, 2014 05:53 AM

    Ok thanks for your response Rafeeq



  • 15.  RE: SEP 12.1 (Disaster Recovery)

    Broadcom Employee
    Posted May 27, 2014 11:34 AM

    Hi,

    Now when installing Fresh SEPM using recovery file with a SQL instance. Now when the new installation is complete restore the server certifcate and then just simply restore the DB backup through Backup and restore, will it work ? client will be connected and show online or do I need to make other changes as well ?

    --> Ideally it should work.