Preparation checklist for reinstalling ATP 3.x or EDR 4.x

book

calendar_today

Endpoint Detection and Response Advanced Threat Protection Platform

In preparation for reinstalling Endpoint Detection and Response (EDR), a checklist of required materials is needed.

Materials checklist for an EDR scanner

Screen shots of the property pages for the EDR scanner within EDR UI
Screen shots of or verbatim logging of output of exportcfg that is ran at admin CLI of EDR Platform
Communications password that is shared by the EDR Management Server and EDR scanner
Download the .iso or .ova file from https://support.broadcom.com (sign-in required)

NOTE: Symantec EDR 4.6 adds support for backup and restore of configuration data on the same hardware model. For more details, see the EDR 4.6 Help topic
About exporting/importing Symantec EDR configuration settings

Screen shots of all EDR UI settings
Copy of certificate file that is used to secure EDR UI
Copy of each certificate file that is used to secure communications between EDR and SEPM
User name and password for each configured SEP DB connection or SEPM Controller connection
Export of EDR Blacklist entries (can be exported through ATP UI Policies page)
Export of EDR Whitelist entries (can be exported through ATP UI Policies page)
Symantec License File (.slf file) for EDR that contains a start_date before the current date and contains an end_date after the current date

The following additional pieces of evidence may be necessary if you are engaged in a technical support case:

EDR was formerly known as Symantec Advanced Threat Protection (ATP) Platform.

In preparation for a Disaster Recovery plan, the next step to identify is how to re-install or re-deploy EDR/ATP.

thumb_up Yes

thumb_down No