Please follow the detail documentaion for migration
These instructions apply to Enterprise and Small Business Editions, except where differences are noted. Some steps may be somewhat abbreviated. For more details at any point, please see the product implementation guides: Symantec Endpoint Protection Implementation Guide or Symantec Endpoint Protection Small Business Edition Implementation Guide.
The steps, in order, of upgrading and migrating to Symantec Endpoint Protection 12.1:
• Review Requirements and Supported Migration Paths
• Prepare Symantec Client Security or Symantec Antivirus for migration
• Upgrade the Symantec Endpoint Protection Manager
• Manage product licenses
• Upgrade client software
See also Planning for Migration to Symantec Endpoint Protection Manager 12.1
■ Review Requirements and Supported Migration Paths
Symantec Endpoint Protection 12.1 System Requirements
Migration detects and migrates installations of the following Symantec legacy virus protection software:
• Symantec Antivirus Corporate Edition 9.x and 10.x.
• Symantec Client Security 2.x and 3.x
• Symantec Endpoint Protection Small Business Edition 12.0
• Symantec Endpoint Protection 11.x *
• Symantec Sygate Enterprise Protection *
• Symantec Antivirus for Mac *
* Legacy products marked with asterisk cannot be migrated to Small Business Edition. Also, you may migrate from a Small Business Edition to Enterprise version, but not the reverse.
NOTE: Migration of Symantec Endpoint Protection Manager 11 RU7 to 12.1 will not be supported until 12.1 RU1 (Client upgrades are OK).
You may skip migration of legacy products as follows: Uninstall the legacy software from your computers. During Symantec Endpoint Protection Manager installation, cancel the migration option. After initial product installation, use Symantec Endpoint Protection Manager to adjust the group settings and policy settings, then deploy the Symantec Endpoint Protection client to the unprotected legacy computers.
■ Prepare Symantec Client Security or Symantec AntiVirus for migration
1. Prepare Symantec Client Security or Symantec AntiVirus for migration: Disable scheduled scans, disable LiveUpdate, turn off Tamper Protection, turn off Roaming, Unlock server groups, and uninstall/delete Reporting servers.
2. Migrate legacy group and policy settings using the Migration Wizard into an existing Symantec Endpoint Protection Manager (Start menu->Symantec Endpoint Protection Manager->Symantec Endpoint Protection Manager Tools->Migration Wizard).
3. Verify migrated data.
4. Import legacy license.
5. Upgrade the Endpoint Protection Manager (if necessary), then deploy Endpoint Protection to legacy clients (see sections below).
■ Upgrade the Symantec Endpoint Protection Manager
1. Back up the database.
2. Turn off replication.
3. If you have Symantec Network Access Control installed, enable local authentication.
4. Disable secure communication between server and clients, or enable alternate communication via insecure HTTP ports. When/if the certificate changes on the server, clients exclusively using HTTPS will no longer communicate. See Symantec Endpoint Protection 11.x: How to Change the ports used for communication between the Manager and clients.
5. Stop the Symantec Endpoint Protection Manager service on every management server in your site. After you upgrade, the service starts automatically. WARNING: If you do not stop the Symantec Endpoint Protection Manager service before you upgrade the server, you risk corrupting your existing Symantec Endpoint Protection database. NOTE: When you stop the management server service, clients can no longer connect to it. If clients are required to communicate with the management server to connect to the network, they are denied access until the management server service is restarted.
6. Upgrade the Symantec Endpoint Protection Manager software. You must migrate all management servers before you migrate any clients. You are not required to restart the computer after migration, but you may notice performance improvements if you do. To migrate Symantec Sygate Enterprise Protection servers that use Host Integrity Policies or Enforcer protection, install the management server for Symantec Endpoint Protection first. Then, you repeat the installation procedure and install the management server for Symantec Network Access Control to gain access to the Host Integrity and Enforcer functionality.
7. Turn on replication after all Managers are upgraded.
■ Manage product licenses
Symantec Endpoint Protection 12.1 is licensed according to the number of Endpoint Protection clients that are needed to protect the endpoints at your site. Once the Symantec Endpoint Protection Manager is installed, you may immediately deploy clients. New Manager installations come with a trial license: you have 60 days to purchase and activate a license that covers all of your deployed clients. When migrating from an older version of Symantec Endpoint Protection (versions 11.x or 12.0), you start with an upgrade license that expires in 241 days. Note: Small Business Edition comes with a 30-day trial license, whether it is an upgrade or new installation.
1. In the Symantec Endpoint Protection Manager console, click Admin, and then click Licenses.
2. Under Tasks, click Activate license.
3. Follow the instructions in the License Activation Wizard to complete the activation process.
■ Upgrade client software
NOTE: Clients that are Group Update Providers must be upgraded first (Group Update Providers are not a feature of Small Business Edition).
Review applicable steps in Steps to prepare computers to install Symantec Endpoint Protection 12.1 client, and choose from available methods to upgrade clients to Endpoint Protection 12.1:
• AutoUpgrade*--assign client packages to groups in the Manager console, either manually or by using the Upgrade Groups Wizard.
• Permit product updates in LiveUpdate Settings policy for a client group in the Manager console.*
• Local installation from product disc.
• Run the Client Deployment Wizard from the Manager console. It will walk you through the creation of a client package that can be deployed via a weblink and email, remote push, or saved for later local installation or deployment using third-party tools.
* Methods marked with an asterisk are not available in Small Business Edition.