Endpoint Protection

 View Only

  • 1.  migration SEPM

    Posted Jan 06, 2016 02:08 AM

    HEllo guys,

    I have to migrate our SEPm server from physical server to virtual server with different name and IP

    Current setup:

    version :12.1.6 mp3

    OS:windows 2008 R2

    DB:Embedded.

     

    New server Details:

    VErsion :12.1.6 MP3

    OS :windows 2012 r2

    DB:Embedded.

     

    How i miograte SEPM,my plan is the following 2 method

    method 1: backup the existing Db and recovery file

                   install SEPm 12.1.6 MP3 in new server

                  restore the Db and rstore the recovery file 

                 Set the priority in OLD SEPM SERVER.So all clients will Communincate with NEw server.After communication,Stop the SEPM services of old server

     

    Second method : The new server install as a additional Site

                              one the installation is completed,Set the priority in OLD SEPM server.stop the the SEPM services in oLD server

     

     

    Which method is more usefull ,suitable and stable?

     



  • 2.  RE: migration SEPM

    Posted Jan 06, 2016 03:20 AM

    Hello Shaabin,

    PLease find the bellow threads for best ans.

    https://www-secure.symantec.com/connect/articles/how-move-sepm-one-server-another-server

    https://www-secure.symantec.com/connect/forums/how-move-sepm-one-server-another-different-ip-address-and-host-name

    https://www-secure.symantec.com/connect/forums/migrating-sepm-another-server-different-iphost-name

     



  • 3.  RE: migration SEPM
    Best Answer

    Posted Jan 06, 2016 03:21 AM

    Hello,

    SEPM server has a differenet IP and different hostname.

    If the new SEPM server has a different IP and host name, there are two alternatives:

    1. Use replication to install a new SEPM and keep the policy the same with old SEPM. See "How to move Symantec Endpoint Protection Manager from one machine to another" 

    http://www.symantec.com/business/support/index?page=content&id=TECH104389

    Note: Replication is an option, if you do replication and remove the old server that is the Primary SEPM, in future if you want to do replication you will not be able to do so.

    2.Follow disaster recovery method & Create a new MSL.as per following

    1. Follow "Best Practices for Disaster Recovery with Symantec Endpoint Protection" (see Related Articles below) to backup and reinstall SEPM on MACHINE_2
    2. Log in to the old SEPM on MACHINE_1
    3. Click Policies > Policy Components > Management Server Lists > Add Management Server List
    4. Click Add> Priority and a new Priority would get added named as "Priority2"
    5. Add MACHINE_1 under Priority 2 and add MACHINE_2 under Priority 1, and assign this New Management Server List to all the groups.
    6. Clients will then move from old SEPM to new one gradually
    7. Stop the "Symantec Endpoint Protection Manager" and "Symantec Embedded Database" service on MACHINE_1 to verify whether all client now report to the new SEPM on MACHINE_2
    8. Once verified that all the clients are reporting into the new SEPM, and have moved away from the old one, proceed to the next step.
    9. Uninstall SEPM from MACHINE_1


  • 4.  RE: migration SEPM

    Posted Jan 06, 2016 07:40 AM

    Step by step guide is here:

    http://www.symantec.com/connect/articles/how-move-sepm-one-server-another-server



  • 5.  RE: migration SEPM

    Posted Jan 06, 2016 12:05 PM

    I'd usually vote for the replication method myself, as this allows you to move clients back and forth at will, and maintains the ability to fully manage and report on the entire estate from either box (epsecially useful in a phased migration!)



  • 6.  RE: migration SEPM

    Posted Jan 07, 2016 12:09 AM

    Hello Shaabin,

    Please let me know if your problem is resolve.



  • 7.  RE: migration SEPM

    Posted Jan 07, 2016 01:40 AM

    we have some network issue.Still the new VM is not ready.



  • 8.  RE: migration SEPM

    Broadcom Employee
    Posted Jan 07, 2016 01:08 PM

    Both the options should work as expected. Replication has only one drawback if you decomissioned primary SEPM you won't be able to do replication in the future.

     

     



  • 9.  RE: migration SEPM

    Posted Jan 11, 2016 03:26 AM

    thank you guys,migration succesfully completed

    - No replication on the site
    - Took DB and server private key backup from old server
    - Moved DB backup
    - Disabled UAC, IEESC
    - Ran the setup on the new server as first site
    - Successfully installed SEPM
    - Stopped SEPM service and restored the DB
    - Ran MSCW with old server privatekey
    - Able to login to SEPM
    - Disabled windows firewall
    - Configured a new MSL and assigned to the group
    - Clients successfully moved to the new server
    - Assigned MSL to all the groups
    - All the clients are migrated to the new server
    ----------------------------------------------------------------------------------
    Reference : 
    https://support.symantec.com/en_US/article.TECH230601.html



  • 10.  RE: migration SEPM

    Posted Jan 11, 2016 07:14 AM

    Thanks for the follow up.

    -Brian