How to configure offline replication when the remote site database is large in size and initial replication fails due to bandwidth issues

Symptoms
Configuring Symantec Endpoint Protection Manager (SEPM) as an additional site for replication fails after some time when replicating for the first time with a remote site due to bandwidth issues.

While configuring replication for the first time when the remote site db is big, replication will try to replicate the full details from the database when the remote site is old and has lot of clients reporting to it. Due to the size of the database being big approximately 5-6 gigs, first time replication results a large amount of data transfer via WAN and if the bandwidth is not adequate then the replication may fail at a certain point due to time outs, firewall interference and high bandwidth usage.

An Offline replication can be configured in this type of scenario so that when configuring replication on the target server does not replicate a huge amount of data via WAN. The steps to configure the same are as follows:

1. Arrange a server on the same remote site local network with the same Server name as the main target server. IP address can be different.

  [ Example: If Server A is a primary site and Server B is remote site /secondary site , then arrange a Server B1 [Same as Server B]  , on the local site of Server A.]

2. Install SEPM on the server and configure it as a replication partner with the target remote server which is in the same Local Network with the same site name as the actual target server.

NOTE: Ensure removal of previous failed online replication partner site (if one exists) prior to this process.

[Example :Replicate the Server B1 [Server B]  with the Server A,  replication would be successful , As it is happening over the local network of Primary site [Server A's Network] ].

3. This replication should succeed as both the servers are in the same Local Network.

4. After initial replication configuration is done configure the replication partner properties and Uncheck the logs, Content and Client packages replication.

5. Initiate manual replication 2-3 times to ensure it is working as expected.

6. Take a backup of the new server DB and server certificates and key store password. Follow the disaster recovery Techdoc to perform the same.

URL: Disaster recovery best practices for Endpoint Protection

7. Make sure that you have most updated server certificate. To ensure take a backup of the certificate from SEPM. (Admin-Server-Manage Server Certificate-Backup the Server Certificate)

8. Transfer the whole backup to the target main server.

9. Shutdown the new server created.

10. Install SEPM on the main target server as a standalone site with the same Site Name.

11. Restore the database following the disaster recovery document and Reconfigure the Management Server.

12. After the reconfiguration is complete log on to SEPM and restore the server certificate.
 

NOTE: Verify the odbc32-64bit system DSNversion found in C:\Windows\SysWOW64\odbcad32.exe is present and the DBA username and Password are set in the login tab.

13. Ensure the replication configuration and Replication management server list reflecting correct settings.

NOTE: There may be a need to add the AD Directory domain into the site.

14. The replication should work fine now. Ensure the same by initiating a manual replication.

15. Schedule the replication.

16. Decommission the new server that was created earlier.


Note: This process is a bit critical and need to ensure that all the steps are done correctly specially the backup, restore and restoring server certificate.



Technical Information
After Successful replication following this method it becomes important to consider that at the time of upgrading the SEP version replication needs to be broken. After successfully upgrade while re-adding the replication partner SEPM gives a prompt "Did you restore the database on the replication partner site? If you click Yes, all data on the replication partner is merged with the local site . If you click No, only the data that changed since the last successful replication is merged with the local site." It is recommended to select No as clicking Yes will result in full data replication and it will again fail due to bandwidth.