Vidéos d'aide de Screencast
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Consolidation of SEP. I have three separate servers.

Created: 30 Janv. 2013 • Updated: 30 Janv. 2013 | 14 comments

Hi

This is my first post, so hello to everyone. I have just taken on a project and am looking for a little direction :-)

We have offices in three European cities. I have an SEP solution in place. Each office has its own seperate solution.

I would like to consolidate the three severs so I can manage the solution from one place. I am not physically onsite in two of the locations.

Can I simply turn two of the sveres off and point the cleints at the central location? Would I need to cluster the solution,..  allow replication and then turn the other two off?

Any help or a point in the righ direction would be gratefully recieved :-)

Dave

Commentaires CommentairesAccéder au dernier commentaire

l'image des .Brian

Basically what you need to do is setup reaplication between the 3 to get them all into one. Than you can setup your management server list to set the SEPM you want to be the main one as a Priority 1 and evcentually turn off the other two.

How replication works

Article:HOWTO81035  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81035

Setting up sites and replication

Article:HOWTO81029  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81029

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

l'image des Ashish-Sharma

Hi,

You can configure replication between server and failover.

For Failover and Load Balancing

1) About failover and load balancing

http://www.symantec.com/docs/HOWTO26809

2) About Load Balancing and Failover Clustering in Symantec Endpoint Protection 11.0

http://www.symantec.com/docs/TECH104519

3) About installing and configuring the Symantec Endpoint Protection Manager for failover or load balancing

http://www.symantec.com/docs/HOWTO26808

4) Installing a management server for failover or load balancing

http://www.symantec.com/docs/HOWTO26807

Check this Thread:

https://www-secure.symantec.com/connect/forums/failover-concept

REPLICATION

1) About installing and configuring Symantec Endpoint Protection Manager for replication

http://www.symantec.com/docs/HOWTO26797

2) Installing Symantec Endpoint Protection Manager for replication
 
 
3) What is Management Server List and how to configure Failover between replication partners using embedded database.
 
 
 

Thanks In Advance

Ashish Sharma

l'image des SMLatCST

While replication has been mentioned, Symantec Best Practices actually recommend to not use it unless you have to.  To asses if it is necessary, you'll need to consider the number of clients, and available bandwidth to your proposed central location:

http://www.symantec.com/docs/TECH92051

To be fair, whether you implement replication or not, you'll have to change the communications file on the clients at 2 of the 3 sites, so you might want to familiarise yourself with the sylinkdrop tool:

http://www.symantec.com/docs/HOWTO66139
http://www.symantec.com/docs/TECH157585

And SEP12.1RU2's ability to remotely push new communications files (which also leverages sylinkdrop):

http://www.symantec.com/docs/HOWTO81116

l'image des SebastianZ

If you don't really need the two other sepm servers and want to manage all the infrastructure from one central SEPM location just point all your existing clients to this server by replacing the communications settings - in 121. RU2 you can do this with the client deployment wizard and push the new communication file:

https://www-secure.symantec.com/connect/articles/s...

l'image des Chetan Savade

Hi,

Welcome to Symantec Community where you can find all the answers related to Symantec products & Thank you for posting your query in the Symantec security forum.

You should first decide the path you want to follow.

1) If planning to manage through single site then you won't have any SEPM backup.

Drawback is if main site goes down then all the clients will be offline till the server is back again.

2) If planning to perform replication then need to make sure about available bandwidth utilization between main site & remote sites.

Could you please update us with the following info. With this info we would be in a better position to assist you.

1) SEPM version

2) Total number of clients at each site & expected number of clients in near future

3) Bandwidth between main site & remote site

4) Group Update Provider (GUP) is configured?

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

l'image des Hooliuk123

Thanks that sounds perfect. 

which ports would I need to open on our VPN to allow the A: Users to connect to our server here. B: the servers to replicate.

Thanks

Dave

l'image des Ashish-Sharma

Which Communications Ports does Symantec Endpoint Protection use?

Article:TECH163787 | Created: 2011-07-01 | Updated: 2012-03-30 | Article URL http://www.symantec.com/docs/TECH163787

Thanks In Advance

Ashish Sharma

l'image des Hooliuk123

Hi

Here is the info..

1) SEPM version   12.1

2) Total number of clients at each site & expected number of clients in near future  

site 1= 162 site 2 = 30 site 3= 30

I would suggest we would purchase 200 + 50 + 50 licences upon renewal end of next month.

3) Bandwidth between main site & remote site

60M between each site each way no taking into account VPN over head.

4) Group Update Provider (GUP) is configured? No idea :-/

Thanks

David

l'image des Chetan Savade

Hi David,

Thanks for the update.

By looking at given scenerio you have very less number of clients on remote sites.

You can manage them from main site.

Follow the recommendation given by SebastianZ to point clients to the central site.

https://www-secure.symantec.com/connect/articles/s...

Plus you need to configure GUP at each site.

Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)

http://www.symantec.com/business/support/index?pag...

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

l'image des Hooliuk123

Thanks for all the replies guys.

I have LOTS of reading to do. 

D

l'image des .Brian

it may just be easier to use sylinkreplacer to move 60 clients in total.

Or you can do it with SEPM 12.1.2. Check this article:

Restoring client-server communications with Communication Update Package Deployment

Article:HOWTO81109  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO81109

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

l'image des SMLatCST

Given the numbers of clients involved and the 60M links, I'd recommend just pointing the SEP Clients in the smaller sites at the SEPM in the larger one (use the articles I linked in my earlier post for help with this).

You may want to look at GUP as a way to minimise traffic between the main site and your smaller sites.  more info on this technology below:

http://www.symantec.com/docs/TECH139867
http://www.symantec.com/docs/TECH96419
http://www.symantec.com/docs/TECH198702
http://www.symantec.com/docs/TECH198640

l'image des SMLatCST

Oh yeah, as far as the licenses go, you could just add them all onto the same SEPM if using v12.1.  If you're still on v11, then there's nothign to do other than the client redirection.

On the legal side, you will likely want to contact Symantec Customer Support to enquire about consolidating the licenses:

http://www.symantec.com/support/assistance_care.jsp