Endpoint Protection

 View Only
  • 1.  Upgrade and Migration Strategy

    Posted Mar 23, 2020 12:08 PM
    Hey everyone... I'm searching for expert's advise on SEPM/AV

    Just joined a new job and inherit an existing SEPM v12.1.5 running on Windows 2003 and about 200+ clients also v12.1.5 running on various Windows versions. My task is to upgrade SEPM server to latest version on Windows 2016. I'm also going to need to upgrade the clients to 14.x

    I've been reading Broadcom's documentation here, but the trouble is that all their sub-links are 404
    Upgrade or migrate to Endpoint Protection 14.0

    I'm totally down with doing a brand new installation of the SEPM and reinstalling AV engines on the clients, if the upgrate/migrate option is infeasible with WIndows 2003. Any technical advise?

    I know I sound like I ask for everything but I just came from 12 years of managing Linux only environments and I'm still trying to catch up.

    Any help is much appreciated!!


  • 2.  RE: Upgrade and Migration Strategy

    Trusted Advisor
    Posted Mar 24, 2020 08:32 AM
    Easiest way to migrate is on your new server install the same version of SEPM and setup as a replication partner. This will copy all existing polices and groups to the new server. Then in Policies > management server list set the new SEPM as the priority 1 server then let all your clients check in and move over to the new server. Once you are happy all the machines have moved over you can delete replication and then start to upgrade the SEPM and clients to SEP 14

    Other option is to build a brand new SEPM 14 and then use the sylink drop tool to replace the sylink file on all the clients to the point them at the new SEPM and upgrade them

    ------------------------------
    Fujitsu Services LTD
    ------------------------------



  • 3.  RE: Upgrade and Migration Strategy

    Posted Mar 24, 2020 10:46 AM
    Hi... thanks for the spot on info. In fact I did read through this detail from the support website but it seems the same version won't let me install on Windows 2016.

    I will look into your recommendation on installing brand new SEPM v14.x and manually linking the clients to it.
    Will the clients v12.x work with SEPM v14.x prior to being upgraded themselves?


  • 4.  RE: Upgrade and Migration Strategy

    Posted Mar 24, 2020 10:25 AM
    You can run the latest 14.x version of SEPM to manage the clients, but on the client side be aware that Windows 2003 and Windows 2008 can not.
    Windows 2003 can run 12.1.7445.7000 or less.  Note that is 12.x, not 14.x
    Windows 2008 can run 14.2.1057.0103 or less
    Windows 2008 R2 and above can run the latest 14.x or less

    At least that is what i have found in our mixed Windows environment.


  • 5.  RE: Upgrade and Migration Strategy

    Posted Mar 24, 2020 10:49 AM
    Hi Robert... thanks for the reply. This is great information!

    The only 2003 server I have is actually the SEPM itself which will be deccomissioned.
    The rest of our servers is minimum 2008R2 so I think I'm still in quite good condition as far as client compatibility.


  • 6.  RE: Upgrade and Migration Strategy

    Posted Apr 01, 2020 05:55 AM
    Just wanted to provide you guys with an update on this

    - I was able to install SEPM v14.2 MP1 and the management server runs flawlessly.
    - I was able to create OU, export the OU's sylink.xml file and applied it to a small set of clients.
    - Created an installation package for that new OU
    The clients switched over to the new management server seamlessly and even did an automatic upgrade to SEP 14.2 MP1.

    All I had to do was find a window to reboot the clients and everything in order. Now it's only a matter of getting another bigger window to mass migrate the rest.

    Thanks so much for the advise!!