Preparation checklist for reinstalling ATP 3.x or EDR 4.x
book
Article ID: 171913
calendar_today
Updated On: 04-08-2025
Products
Endpoint Detection and Response
Advanced Threat Protection Platform
Issue/Introduction
In preparation for reinstalling Endpoint Detection and Response (EDR), a checklist of required materials is needed.
Resolution
Materials checklist for an EDR scanner
- Screen shots of the property pages for the EDR scanner within EDR UI
- Screen shots of or verbatim logging of output of exportcfg that is ran at admin CLI of EDR Platform
- Communications password that is shared by the EDR Management Server and EDR scanner
- Download the .iso or .ova file from https://support.broadcom.com (sign-in required)
Additional materials checklist for an EDR management server or All-In-One
NOTE: Symantec EDR 4.10 exporting/importing Symantec EDR configuration settings
About exporting/importing Symantec EDR configuration settings
- Screen shots of all EDR UI settings
- Copy of certificate file that is used to secure EDR UI
- Copy of each certificate file that is used to secure communications between EDR and SEPM
- User name and password for each configured SEP DB connection or SEPM Controller connection
- Export of EDR Blacklist entries (can be exported through ATP UI Policies page)
- Export of EDR Whitelist entries (can be exported through ATP UI Policies page)
- Symantec License File (.slf file) for EDR that contains a start_date before the current date and contains an end_date after the current date
The following additional pieces of evidence may be necessary if you are engaged in a technical support case:
- Backup file from the admin CLI command backup
- Diagnostic file that is collected with support assistance by gather_evidence
Additional Information
EDR was formerly known as Symantec Advanced Threat Protection (ATP) Platform.
In preparation for a Disaster Recovery plan, the next step to identify is how to re-install or re-deploy EDR/ATP.
Feedback
Was this article helpful?
thumb_up
Yes
thumb_down
No