ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
How do I replace SEPM equipment in a side by side way with EDR?
Article ID: 223045
Updated On:
Products
Advanced Threat Protection Platform
Issue/Introduction
I have a Symantec Endpoint Protection Manager (SEPM) + Symantec Endpoint Protection and Response (SEDR) installed and I need to change SEPM equipment.
Which is the right way ?
Environment
Release :
Component :
Resolution
High level strategy for side by side migration of SEPM tied to SEDR:
- Create a SEPM partner replicator then move clients to the new partner replicator
- In EDR, Settings> Global, add and configure new SEPM Controller connection. Be sure to add a single test client group. Failure to do so will cause EDR to send policies to ALL client groups.
- Remove old SEPM controller connection.
- Within SEPM Controller connection, Add Client Groups one at a time until you gain confidence, then bulk add client groups tp finish enrolling workstations. Depending on the speed of communications between SEPM and SEP clients, it may take up to 24 hours for all targeted SEP clients to get the policy telling them to enroll. Usually, it only takes an hour for the clients to receive the policy in small SEP environments.
Additional Information
Q: EDR information has been duplicated...
...the number of enrolled clients has doubled.
A: This is a temporary symptom. When you remove the original SEPM Controller connection, the duplicates will disappear across the course of 4 days.
Feedback
Yes
No
Powered by
