I've been working on migrations from SEPC and SEP SBE to SESE for about two or three months now. I'll share a couple of hard-earned reality bits here :)
First, if you have any mobile devices (phones/tablets I mean), expect a long delay in having that part functional in ICDm. Up to 3 weeks. Unless something has changed in just the last week or so to improve this. For whatever reason, when you place your order and get the customer's ICDm access going, the Mobile provisioning team takes a very long time to get their part set up.
I ordered about 15-20 new customer accounts 2-3 weeks ago, set up the ICDm's for each, and am only recently starting to see the Mobile tab functioning. If it is not ready yet, when you click Mobile in ICDm on the left you get a grey-ish html page (new browser tab) with a lightning bolt image, saying "something went wrong". During the wait period for provisioning to get this going, there are no communications to say when it is up. You have to log in and check yourself. Unless you log a support ticket, then the agent emails you to try.
Please note, this entire provisioning process is susceptible to error as well. In one instance, a typo made by the provisioning team led to a week's delay while I argued with the support agent that No, it is not working despite how it shows provisioned in your back-end database. When the agent finally saw the typo, problem resolved, but who knows how long for and in which direction things would have gone had the agent not spotted that. That's just one incident among a few.
So unless things have greatly improved in just the past 1-2 weeks, I would expect that you guys will not be able to get all your customers migrated on time so start prioritizing just in case.
A couple of tips:
For the fellow that mentioned logging in each day to each ICDm, yes you can set up reports sent to you, but bear in mind the default Alerts for threats only trigger on like 10 alerts per unit of time....I don't recall the unit of time, perhaps in 1 minute.....but anyway, my email reports would show real malware detected on a client device, yet I'd get no alert. Turns out I would have it it were set to 1 and not the default 10 hits.
Another tip: how I manage my customers is to set up their ICDm, using
alias @ mydomain . com email addresses tied to one of my M365 users, unique to each customer. Under a Microsoft 365 user license, you can have up to 400 aliases. In Outlook, set up Rules to inspect incoming mail on the primary address of that user account, searching for that
alias address in the Message Header, and Move it to a subfolder of the Inbox (or wherever). This works well for organizing which emails relate to which customers since you can then browse vertically with Unread emails on the left side in Outlook. The email content/body messages themselves do not do a sufficient job to show who the emails are for, so my method is the only one that I know that ensures no confusion. I'm sure there's a mail flow rule one can set in Exchange that does this or perhaps something in OWA but I'm happy to just set up one Rule per customer in my Outlook, which is open on my system 24/7.
Just my 2 cents. :)
Original Message:
Sent: 10-07-2020 02:42 AM
From: Solution Informatique Solution Informatique
Subject: How to migrate Symantec Endpoint Protection Small Business Edition Cloud to Symantec Endpoint Security Enterprise Cloud
------------------------------
Solution14
------------------------------