search cancel

Change Data Center Security (DCS) Manager's IP address

book

Article ID: 175987

calendar_today

Updated On:

Products

Data Center Security Server Advanced

Issue/Introduction

You wish to change the DCS Manager's IP address

Resolution

1. Ensure that the agents are updated with i.e. are aware of the new IP address of the management server, before the change. In order to provide this information to the agents, we can either manually add the new IP address on the 49 agents by using the sisipsconfig tool present on the agent i.e. run sisipsconfig.exe -h <new_IP,Old_IP> OR we can push a policy to the agent, that automatically updates the IP addresses. We configure this policy to include the new IP address & apply it on the agents.

2. Ensure that the IP address is updated on a few of the agents.

3. Change the IP address of the management server.

4. Ensure that the assets are reporting correctly on the management server.


Detailed steps:

There are two detection policies we need to use: UNIX_ SDCSS_Agent_Diagnostics (for Linux / Unix machines) & SDCSS_Agent_Diagnostics (for Windows machines). You will find these policies on the DCS Java Management console: Under the Policies Tab -> Detection. Edit these policies & Click on Advanced agent settings -> Check the "Modify the management server list" option click on edit. Now in the value field, enter the <new IP address,current IP address> & save the policies.
Perform this on both the Unix & the Windows policies.

Next apply the two polices to the windows & Linux agent security groups that have the respective agents in them.

Now, ensure on a few of the windows & a few of the linux agents that the IP has been updated. (You may also refer: https://support.symantec.com/en_US/article.TECH114723.html ) For Linux machines:
[[email protected] ~]# cd /opt/Symantec/sdcssagent/IPS
[[email protected] IPS]# su sisips
sh-4.2$ ./sisipsconfig.sh -view
---------------------------------------------------------------------------
Agent Configuration Tool version 6.7.3.1473
---------------------------------------------------------------------------

Server Host List - 192.168.2.114,192.168.2.105 Current Management Server - 192.168.2.114 Port - 443 Protocol - https Failback Interval - 60 minutes Utilities Service Port - 2323 CertFile - /opt/Symantec/sdcssagent/IPS/certs/keystore
Tracing - false
Force Retranslation - false
Prevention Feature - enabled

For Windows machines:
C:\Users\administrator.MYDCSLAB>cd C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\IPS\bin C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\IPS\bin>sisipsconfig -view
---------------------------------------------------------------------------
Agent Configuration Tool version 6.7.3.1473
---------------------------------------------------------------------------

Server Host List - 192.168.2.114,192.168.2.105 Current Management Server - 192.168.2.114 Port - 443 Protocol - https Failback Interval - 60 minutes Utilities Service Port - 2323 CertFile - C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\IPS\certs\keystore Tracing - false Force Retranslation - false Prevention Feature - enabled

The server host list entry should have the new & the old IP addresses mentioned. See the example above.

Now after about an hour, ensure in the assets tab that the machines that were reporting earlier are still doing so.
_______________________________________________________________________________________________________________________________

If the DB is on the same machine as that of the management server:

If the DB is on the same machine as that of the DCS manager, one additional step will be required before starting the DCS manger service (after the IP address change). This step would be to inform the manger of the change in the DB IP address. In order to do this, Simply update the server.xml (on the manager) file at the location C:\Program Files (x86)\Symantec\Data Center Security Server\Server\tomcat\conf.

You will see three lines that start with something similar to: url="jdbc:jtds:sqlserver://192.168.2.103/SCSPDB
Assuming 192.168.2.103 is the IP address of the old SQL machine, change it to the new IP address and save the XML file. Please do take a backup of this before the change.