Hello community , I am about to propose a solution to a customer . Before doing that I would like to have your expert opinion and suggestions on the following.
Existing Scenario
CITY A (Primary Data Center)
Site 1 = 1 SEPM with Embedded DB ( supporting 500-600 clients)
Site 2= 1 SEPM with embedded DB (Supporting 600-700 clients)
Site 3 = 1 SEPM with embedded DB (Supporting 100-200 clients)
Current version of SEPM is 12.1.3 and clients have SEP 12.1 - 12.1.3
CITY B
Site 1 = 1 SEPM with Embedded DB ( supporting 500-600 clients)
Site 2= 1 SEPM with embedded DB (Supporting 200-300 clients)
All Sites are independent of each other, i.e 1 SEPM= each site (Admin on each site), there is no Replication or Failover between the Sites nor centralized policy enforcement on all SEPMs
Proposed Solution
1. Install 2 SEPMs 12.1.6 MP2 at primary site i.e Site 1 and configure them in Failover/Load balancing mode. Configure 1 GUP at each site ( on the same machine where SEPM was running previously . Uninstall SEPM and install SEP client and enable it as a GUP for that particular site . Each Site = 1 Group
2. Point every endpoint located in all sites on both Cites to the SEPMs located in Primary DC with MSL (Management Server list configured for load balancing)
3. We can use a Communication update package remote push from the new SEPMs to the endpoints connecting to the old SEPMs in their respective region or we can generate a new package from the new SEPMs and then remote push it to the endpoints from the new SEPM so that all the endpoints can be pointed/connected to the new SEPM and then can be upgraded as well.
What do you say is this a right approach in the regard as migrating from Old ( Strange and not optimized) setup to this new ( Centrally manage setup) . Do you have any suggestions in this regard. I can easily point clients to the new SEPMs from the old setup.
Thanks