How do I replace SEPM equipment in a side by side way with EDR?


Article ID: 223045


Updated On:


Advanced Threat Protection Platform


I have a Symantec Endpoint Protection Manager (SEPM) + Symantec Endpoint Protection and Response (SEDR) installed and I need to change SEPM equipment.

Which is the right way ?



Release :

Component :


High level strategy for side by side migration of SEPM tied to SEDR:

  1. Create a SEPM partner replicator then move clients to the new partner replicator
  2. In EDR, Settings> Global, add and configure new SEPM Controller connection. Be sure to add a single test client group. Failure to do so will cause EDR to send policies to ALL client groups.
  3. Remove old SEPM controller connection.
  4. Within SEPM Controller connection, Add Client Groups one at a time until you gain confidence, then bulk add client groups tp finish enrolling workstations. Depending on the speed of communications between SEPM and SEP clients, it may take up to 24 hours for all targeted SEP clients to get the policy telling them to enroll. Usually, it only takes an hour for the clients to receive the policy in small SEP environments.

Additional Information

Q: EDR information has been duplicated...
...the number of enrolled clients has doubled.

A: This is a temporary symptom. When you remove the original SEPM Controller connection, the duplicates will disappear across the course of 4 days.