IT Management Suite

As a result of the WannaCry attack my company is beefing up security. And part of this is deploying Symantec to servers on a different domain, would I need to to install the management console on a server within that different domain or could I simply using the existing one, and make use of a trust?

In theory you don't need a trust or anything as the Agent communication works over HTTP. You'd need credentials to install the agent on the other domain.

You may come across issues if you want to access the console from the untrusted domain.

Are you talking about SEP/SEPM clients or Altiris? It's not clear to me which product you're talking about.

If SEP/SEPM then it will work fine across different domains as long as the clients can talk back to SEPM over tcp 8014.

We have been using Altiris across multiple domains for the past few years. The Altiris network account has been set as an enterprise admin so that it has permissions to both. Alternatively, if there only a small number of machines you can just install the agent manually using an account with administrator rights.

I've worked in an environment with mutiple domains twice. The most important point is trust relationship between the domains and DNS,

I had no problems because trust relationship between the domains was configured. Machines have to resolve the SMP hostname too, so you have to configure your DNSs servers properly.

To install the agents, if the domain relationship be configured, the Altiris service credential will works to install the agent in the new machines. Also you can configure a GPO to install the agents.

Regards,