Video Screencast Help

Replication and considerations

Created: 17 May 2011 • Updated: 08 Jul 2015 | 8 comments
Language Translations
Chetan Savade's picture
+28 28 Votes
Login to vote

Updated on 8th July'15

Replication enables data to be duplicated between databases one separate sites so that both databases contain the same information. If one database fails, you can manage the entire site by using the information on the database from another site.

A partner is a management server on another site with a different database and management servers. A site may have as many partners as needed. Each partner, or remote site, connects to the main site or local site, which is the site that you are logged on to. All sites that are set up as partners are considered to be on the same site farm.

Each site you replicate data with is either a replication partner or a site partner. Both replication partners and site partners use multiple servers, but the database they use and the way they communicate is different:

If you have a legacy Symantec Endpoint Protection 11.0 site in which you use replication, you must turn off replication before you upgrade. Due to a database schema mismatch, the replication of data between legacy and updated databases during or after the upgrade corrupts the database. You must turn off replication at each site that replicates. You must log on to and turn off replication at a minimum of two sites.

Note: SEP 11 version is now End of Life (EOL)

Symantec Endpoint Protection 12.1 and later does not require that you turn off replication before you upgrade. Symantec Endpoint Protection 12.1 and later does not allow replication if the database schema versions do not match

Replication : Replication is duplication of Records

*  Replication causes data to be transferred or forwarded to another SEPM.

*  A replication partner is a SEPM that is part of another site.

*  Sites can have multiple replications partner.

*  Changes made on any partner are replicated to all sites.

*  Policies and groups are replicated.

*  Replication between any supported version of SQL and Embedded database is supported.

Considerations: Before setting up replication.

    1. Minimise number of Sites - Ideally below 5

    2. Network Bandwidth and Link

    3. Network Latency.

    4. Database Size on the Primary site.

    5. If any Firewall, Proxy, Router, etc. exists between 2 sites.

    6. Does these Firewall or Routers have packet scanning mechanism built in, as this can strip the zip  file that is passed on the link.

Considerations: Adding a new Site to an existing replication partner.

   1. Make sure the replication Schedule is not set to “Automatic”.

   2. Make sure Liveupdate schedule is NOT set to “Continuous” or “Every 4 hours” & Replication should not overlap with scheduled Liveupdate session. 

   3. Lower the count of Content revisions in the Liveupdate settings.

   4. Purge SEPM Logs.

   5. Symantec strongly recommends that you do not exceed 10 

Database supported for SQL:

  1. Sybase adaptive server anywhere (ASA) 9.0

  2. Microsoft SQL 2000 Server with SP4

  3. Microsoft SQL 2005 Server with SP2

  4. Microsoft SQL 2008 Server (RU5 onwards)

Best Practices

  1. For more than 3 sites or 1,000 clients: No more frequent than once per day  

  2. Versions of the Policy Manager have to be the same.

  3.  Replication schedules should not overlap.

  4.  If replicating over WAN, only replicate the logs.

  5.  Number of replicated sites should ideally be kept below 5. Ratio will be 1:4 ( i.e 1 primary : 4 seconday )

  6. The value of  “Content revisions to keep” should be set to a  lower value.

  7. If you have configured multiple replication partner then always make sure that the replication schedules won't overlap .This situation can lead to Database Deadlock issues. 

   8. Delete Replication Partners when

            1.Upgrading the Policy Manager.

            2.If any CRT Approved tools need to executed.

            3.Software / Hardware maintenance on the Policy Manager.

            4.Backing up database manually.

Information that need to be gathered for troubleshooting:

 1. Gather Tomcat logs from both the sites.

 2. Gather Tomcat logs from Site 1 and “Install Error” logs from New Site, if the initial replication fails.

 3. IP Addresses and Server Names.

 4. Database Backup (SQL server or Embedded database).

 5. Wireshark logs to check for network issues.

 6. SEP Support tool logs from all the sites. A full data grab is needed.

Replication initiate if there is any change in USN number 

USN stand for Update Sequence Number.

Every record in the database is associated with a USN.

USN is incremented/updated every time there is a change in the records.

Data comparison happens on the basis of the USN.

The USN defines whether a record is to be Added or Modified.

Note : If you wish to move SEPM from one machine to another with the help of replication, Replication is an option, decide whether to go or not.Beacuse if you do replication and remove the old server that is the Primary SEPM , in future if you want to do replication you will not be able to do so.

SEP11.x  Replication

You will have to break the replication between SEPM's before doing an upgrade.

SEP 12.1 Replication Advantage : 

Eliminates cross version replication corruption

Few helpful links :

How replication works

Managing sites and replication

Adding a replication partner

Changing the automatic replication schedule

Turning on replication after migration or upgrade

Turning off replication before migration

Determining how many sites you need 

Adding replication partner fails, but it still shows up in the Symantec Endpoint Protection Manager console

Replication error when deleting and restoring replication partner during replication 

How to install the Symantec Endpoint Protection Manager(s) for replication 

How to configure the replication schedule for Symantec Endpoint Protection Manager (SEPM) 

How to add an additional site to configure replication for Symantec Endpoint Protection Manager (SEPM) using an Embedded Database


How to change the host name of the servers running Symantec Endpoint Protection Manager with a replication partner?

Does Symantec Endpoint Protection Manager support replication between sites running different versions?

How to Perform Offline Replication between 2 Remote Sites when normal replication is failing due to Bandwidth Issues.

Turning on replication after migration or upgrade

Video :

Comments 8 CommentsJump to latest comment

Mansoor Rashid's picture

Voted for this nice article.

Regards, M.R

Login to vote
xChiko's picture

This is indeed nice article.

Keep it up.

Login to vote
John Santana's picture

Yes I must admit that this is such a nice article :-)

Kind regards,

John Santana
IT Professional


The author cannot accept liability for any loss or damage sustained as a result of the content of this post.

Login to vote
Ajit Jha's picture

My Vote for you. Thanks for assembling replications details together.


Ajit Jha

Technical Consultant


Login to vote
Ambesh_444's picture

Even my vote to you man...

Thank& Regards,


"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as   solved."

Login to vote
Ch@gGynelL_12's picture

count on me..

very nice article..

Login to vote
haroldvm89's picture

Wow! This is great stuff!! Thanks

Login to vote
Gobi-Kathir's picture

Good one !

Login to vote