You wish to change the DCS Manager's IP address
1. Before the change, ensure that the agents are aware of the new IP address of the management server. To provide this information, either add the new IP address manually on the 49 agents with the sisipsconfig tool present on the agent (run sisipsconfig.exe -h <new_IP,Old_IP>), or push a policy that updates the IP addresses automatically: configure the policy to include the new IP address and apply it to the agents.
2. Ensure that the IP address is updated on a few of the agents.
3. Change the IP address of the management server.
4. Ensure that the assets are reporting correctly on the management server.
Detailed steps:
There are two detection policies we need to use: UNIX_ SDCSS_Agent_Diagnostics (for Linux / Unix machines) and SDCSS_Agent_Diagnostics (for Windows machines). You will find these policies in the DCS Java Management console, under the Policies tab -> Detection. Edit each policy, click Advanced agent settings, check the "Modify the management server list" option and click Edit. In the value field, enter <new IP address,current IP address> and save the policy.
Perform this on both the Unix & the Windows policies.
Next, apply the two policies to the Windows and Linux agent security groups that contain the respective agents.
Now verify on a few of the Windows and a few of the Linux agents that the IP has been updated. (You may also refer: https://support.symantec.com/e
[[email protected] ~]# cd /opt/Symantec/sdcssagent/IPS
[[email protected] IPS]# su sisips
sh-4.2$ ./sisipsconfig.sh -view
------------------------------
Agent Configuration Tool version 6.7.3.1473
------------------------------
Server Host List - 192.168.2.114,192.168.2.105
Current Management Server - 192.168.2.114
Port - 443
Protocol - https
Failback Interval - 60 minutes
Utilities Service Port - 2323
CertFile - /opt/Symantec/sdcssagent/IPS/c
Tracing - false
Force Retranslation - false
Prevention Feature - enabled
For Windows machines:
C:\Users\administrator.MYDCSLA
------------------------------
Agent Configuration Tool version 6.7.3.1473
------------------------------
Server Host List - 192.168.2.114,192.168.2.105
Current Management Server - 192.168.2.114
Port - 443
Protocol - https
Failback Interval - 60 minutes
Utilities Service Port - 2323
CertFile - C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\IPS\certs\keystor
The server host list entry should have the new & the old IP addresses mentioned. See the example above.
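To make this check repeatable across several agents, the view output can be tested by a script instead of by eye. The following is an added example, not part of the original article or of Symantec's tooling; the script name check_hosts.sh and the function names are hypothetical, and it assumes the view output carries one "Name - value" field per line.

```shell
#!/bin/sh
# Added example (not Symantec code). Assumes the view output has one
# "Name - value" field per line, as in the listings on this page.

# Constructed sample, modelled on the Linux listing above.
sample_view() {
    cat <<'EOF'
Server Host List - 192.168.2.114,192.168.2.105
Current Management Server - 192.168.2.114
Port - 443
Protocol - https
EOF
}

# view_field NAME: print the value of one field from view output on stdin.
# Carriage returns are stripped so output captured on Windows also parses.
view_field() {
    tr -d '\r' | awk -v key="$1" '
        { sub(/^[ \t]+/, "") }
        index($0, key " - ") == 1 { print substr($0, length(key) + 4); exit }'
}

# host_list_has LIST IP: true only if IP is an exact entry of the comma list,
# so 192.168.2.10 does not pass just because 192.168.2.105 is present.
host_list_has() {
    printf '%s\n' "$1" | tr ',' '\n' |
        sed 's/^[[:space:]]*//; s/[[:space:]]*$//' | grep -Fxq -- "$2"
}

# check_view NEW_IP OLD_IP: read view output on stdin and print a verdict.
# Returns 0 = both listed, 1 = an address is missing, 2 = field not found.
check_view() {
    list=$(view_field "Server Host List")
    if [ -z "$list" ]; then echo "NO_HOST_LIST"; return 2; fi
    missing=""
    for ip in "$1" "$2"; do
        host_list_has "$list" "$ip" || missing="$missing $ip"
    done
    if [ -n "$missing" ]; then echo "MISSING:$missing"; return 1; fi
    echo "OK"
}

# Usage: ./sisipsconfig.sh -view | sh check_hosts.sh NEW_IP OLD_IP
if [ "$#" -eq 2 ]; then check_view "$1" "$2"; fi
```

A non-zero exit status on any sampled agent means the policy has not reached it yet, and the manager's address should not be changed until it has.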
Now after about an hour, ensure in the assets tab that the machines that were reporting earlier are still doing so.
______________________________
If the DB is on the same machine as that of the management server:
If the DB is on the same machine as the DCS manager, one additional step is required after the IP address change and before starting the DCS manager service: informing the manager of the change in the DB IP address. To do this, update the server.xml file on the manager, at the location C:\Program Files (x86)\Symantec\Data Center Security Server\Server\tomcat\conf.
You will see three lines that start with something similar to: url="jdbc:jtds:sqlserver://192
Assuming 192.168.2.103 is the IP address of the old SQL machine, change it to the new IP address and save the XML file. Take a backup of server.xml before making the change.