How to move Symantec Endpoint Protection Small Business Edition (SEPM SBE) from one machine to another


Article ID: 156064


Updated On:


Endpoint Protection


SEPM Small Business Edition doesn’t have some of the features that is used in Enterprise Edition in order to facilitate the transition onto another machine, such as the management server list or replication. What solution can be used in this scenario?


A.      If the new server has the same IP address and host name:

In this case the communication settings will be the same. Once the moving of the SEPM to the new machine is completed according to the procedures below, the SEP clients will automatically be redirected to the new machine. From the SEP client perspective, it is as if the machine remained the same.

1. Perform a backup of the database and of the configuration files as per the Disaster Recovery procedure:

a.      Disaster Recovery procedure for SEP 11.x

b.      Disaster Recovery procedure for SEP 12.1

      2. Install the same version of the SEPM you have now on the new machine (1).  Use the procedures described in the Disaster Recovery in order to restore the database that you backed up from the old server, as well as the configuration files. All settings must be exactly the same. Do not manually try to reconfigure those settings, rather make sure you import the configuration files. These contain other information, such as domain IDs, group IDs, server certificate, etc., which is known to the SEP Client. If you perform a manual configuration, those ID’s will be recreated differently and the SEP Clients will not recognize the new server. It will also cause incoherence's in relation to the database being imported. As a consequence you might see two domains showing up in the SEPM console.

3. Once you disable the old server and enable the new one with the same IP address and hostname, the SEP clients should be automatically redirected upon the next heartbeat.

(1)    If you are looking to not only move the SEPM to another machine, but also upgrade it to the latest version, you will have to either upgrade the old server first, and then move it to the new machine; or move it and then upgrade. It is not possible to transition the database directly onto a newer version of SEPM due to differences in the database schema. The database schema will only be converted when you run the installer to upgrade the new SEPM.


B.      If the new server has a different IP address and host name:

In this situation the same procedures as before need to be followed, but the communications with the server will have to be restored. This is done by replacing the sylink.xml file on the client machines by the one exported from the SEPM. The new sylink.xml will contain the IP address and the hostname of the new server.

1. Follow steps (1) and (2) of situation (A) above.

2. Restore communication to clients with a new Sylink.xml


OBS: If only the IP address changes, but the hostname name is the same; or the hostname changes but the IP address is the same, solution (A) should work. This is because the sylink.xml contains both the IP and the hostname of the server, and the SEP client will attempt one and then the other. You may optionally update the communications settings on the SEP clients but following procedure (B) instead.

Applies To

 Any supported environment for Symantec Endpoint Protection Small Business Edition.