Endpoint SWAT: Protect the Endpoint Community

Hi all.  I know the general rule when replacing a SEPM machine is to make sure the replacement machine has the same name and IP address and thenyou can restore your SEPM database to it.  I haven't yet actually done this but I did once read the best practices guide. 

However Ithe old Windows XP computer currently acting as the SEPM has an issue where the SEPM service wont' start, and I don't feel like troubleshooting it since I'd have to replace the machine anyway. 

If I put in a new machine with a different name and IP address, for the systems currently configured to point to the old machine, can I just updat ethem by using the Add Client feature and choosing to send a Communications update?  I don't mind having to re-create the reports and all that - comparing that to having to troubleshoot that service issue, and then back up and restore a db, I might as well start fresh instead if updating clients is going to be "easy". 

I know it is very easy for Unmanaged clients, just wondering if it works the same for ones formerly managed by a soon to be non-existent SEPM.

Thanks! 

Yep, easieist way is to just replace the sylink on the those clients with a sylink from the new SEPM. Assuming you're running RU2 or higher, you can easily do it from the SEPM. See this article:

Restoring client-server communications with Communication Update Package Deployment

You may have seen this article but just adding it in case:

How to move Symantec Endpoint Protection Manager from one server to another server

How to move SEPM from one server to another server

https://www-secure.symantec.com/connect/articles/how-move-sepm-one-server-another-server

How to move Symantec Endpoint Protection Manager 12.1 from one machine to another

http://www.symantec.com/docs/TECH171767

Or another possible solution if you can get the XP SEPM back up is to setup another SEPM on the new server on the same version of SEP set it up to replicate from the old SEPM then once it has completed, update the Managment Server list to put the new SEPM as the main (Policies > Policy Components > Management Server Lists). Then as the machines check in with the SEPM they will start pointing at the new one. Once all machines are pointing at the new SEPM you can decomission the old SEPM.

I find this approach easier on an environment with lots of SEP clients and if you don't have admin access to all the SEP clients to do a sylink drop.  

First of all Win XP is going End of life from 8th April 2014 so please install or migrate your SEPM to the windows server 2008 or win 7.

How many clients and Policies implemented do have on the SEPM???

If have fewer clients and polices then you can follow the below mentioned steps:

1. Export the Polices from the existing SEPM.

2. Install the New SEPM version on the Machine.

3. Import the Policies.

4. Create a new test packager and test it with polices that they are working correctly.

5. Replace the now Sylink.xml on older cleints using sylink replacer.

6. After few minutes clients will start communicating with the new SEPM and showing online.

Hi,

Thank you for posting in Symantec community.

Q. If I put in a new machine with a different name and IP address, for the systems currently configured to point to the old machine, can I just update them by using the Add Client feature and choosing to send a Communications update?

-->  Nope, send new fresh package on the existing clients.

Install a new fresh SEPM, then use the Sylink.xml file to establish the communication between new SEPM and the existing SEP clients.

This option is effective if having limited number of clients in the network.