Friday, December 7, 2012

Upgrading or migrating to Symantec Endpoint Protection

Backing up the database
Before you upgrade, you should back up the database.
    To back up the database
  1. Click Start > Programs > Symantec Endpoint Protection Manager > Symantec Endpoint Protection Manager Tools > Database Back Up and Restore.
  1. In the Database Backup and Restore dialog box, click Back Up.
  1. When asked "Are you sure you want to back up the database?" click Yes.
  1. When you see the message "The database has been backed up successfully," click OK.
  1. In the Database Backup and Restore dialog box, click Exit.
Disabling replication
If your environment utilizes replication, you must disable replication on all sites prior to upgrading the Symantec Endpoint Protection Manager. You must not re-enable replication between sites until they are running the same version of the software.

    To disable replication
  1. Log on to the Symantec Endpoint Protection Manager Console.
  1. On the Admin tab, click the blue Servers tab at the bottom of the pane.
  1. On the Servers tab, in the left pane, expand Local Site > Replication Partners.
  1. For each site that is listed under Replication Partners, right-click the site, and then click Delete.
  1. In the Delete Partner prompt, click Yes.
  1. Log off of the console, and repeat this procedure at all sites that replicate data.

Before you upgrade, you must manually stop the Symantec Endpoint Protection Manager service on every management server in your site. After you upgrade, the service is started automatically.


    To stop the Symantec Endpoint Protection Manager service
  1. Click Start > Settings > Control Panel > Administrative Tools.
  1. Double-click Services to launch the Services MMC snap-in.
  1. In the Services window, under Name, scroll to and right-click Symantec Endpoint Protection Manager.
  1. Click Stop.
  1. Close the Services window. Warning: You must close the Services window, or your upgrade may fail.
  1. Repeat this procedure for all Symantec Endpoint Protection Managers.

You must upgrade all Symantec Endpoint Protection Managers on which you stopped the Symantec Endpoint Protection service.
    To upgrade Symantec Endpoint Protection Manager
  1. Download and unzip the Release Update.
  1. Browse to the location where you unzipped the Release Update.
  1. Double-click setup.exe to start the installation.
  1. In the Symantec Endpoint Protection panel, click Install Symantec Endpoint Protection Manager.
  1. In the Install Wizard Welcome panel, click Next.
  1. At the License Agreement panel, select "I accept..." then click Next.
  1. At the Ready to install the Program panel, click Install.
  1. In the Install Wizard Completed panel, click Finish.
  1. In the Upgrade Wizard Welcome panel, click Next.
  1. In the Information panel, click Continue.
  1. When the upgrade completes, click Next.
  1. In the Upgrade Succeeded panel, click Finish.
Repeat the above steps on all other Symantec Endpoint Protection Managers on which you stopped the Symantec Endpoint Protection Manager service.
After you migrate all servers that used replication, including the servers that were configured for failover and load balancing, you must re-enable replication. After migration, you add a replication partner to enable replication. You only need to add replication partners on the computer on which you first installed the management server. Replication partners automatically appear on the other management servers.

    To enable replication after migration
  1. Log on to the Symantec Policy Management Console if you are not logged on.
  1. On the Admin tab, click the blue Servers tab at the bottom of the pane.
  1. On the Servers tab, in the left pane, expand Local Site, and then click Add Replication Partner.
  1. In the Add Replication Partner panel, click Next.
  1. In the Remote Site Information panel, enter the identifying information about the replication partner, enter the authentication information, and then click Next.
  1. In the Schedule Replication panel, set the schedule for when replication occurs automatically, and then click Next.
  1. In the Replication of Log Files and Client Packages panel, check the items to replicate, and then click Next. (Replicating packages generally involves large amounts of traffic and storage requirements.)
  1. To complete the Add Replication Partner Wizard panel, click Finish.
  1. Repeat this procedure for all computers that replicate data with this computer.
Under Tasks, click Activate license.
Follow the instructions in the License Activation Wizard to complete the activation process.
Upgrade client software

NOTE: Clients that are Group Update Providers must be upgraded first. (Group Update Providers are not a feature of Small Business Edition).
 

  • Automatic client updates (Small Business Edition only): In the Endpoint Protection Manager, under Computers, right-click any group, click Properties, and uncheck Disable automatic client package updates.



Stopping the Symantec Endpoint Protection Manager service
WARNING: You must stop the Symantec Endpoint Protection Manager service before you perform this procedure or you will corrupt your existing installation of Symantec Endpoint Protection Manager.
Upgrading the Symantec Endpoint Protection Manager

Enabling replication after migration
Manage product licenses
Symantec Endpoint Protection 12.1 is licensed according to the number of Endpoint Protection clients that are needed to protect the endpoints at your site. Once the Symantec Endpoint Protection Manager is installed, you may immediately deploy clients. New Manager installations come with a trial license: you have 60 days to purchase and activate a license that covers all of your deployed clients. When migrating from an older version of Symantec Endpoint Protection (versions 11.x or 12.0), you start with an upgrade license that expires in 241 days. Note: Small Business Edition comes with a 30-day trial license, whether it is an upgrade or new installation.
In the Symantec Endpoint Protection Manager console, click Admin, and then click Licenses.
Review applicable steps in Steps to prepare computers to install Symantec Endpoint Protection 12.1 client, and choose from the available methods to upgrade clients to Endpoint Protection 12.1:
  • AutoUpgrade (Enterprise Edition only): assign client packages to groups in the Manager console, either manually or by using the Upgrade Groups Wizard.
  • LiveUpdate product updates (Enterprise Edition only): Permit product updates in LiveUpdate Settings policy for a client group in the Manager console.
  • Local installation from the product disc.
  • Run the Client Deployment Wizard from the Manager console. It will walk you through the creation of a client package that can be deployed via a weblink and email, remote push, or saved for later local installation or deployment using third-party tools.

How to change the number of downloaded content revisions that are retained by the Symantec Endpoint Protection Manager

In Symantec Endpoint Protection version 11.0.2000 (MR2) or later, and in SEP12.1, the number of content revisions stored is configurable through the console.


  • If you select Simple as an installation parameter, then the stored content revisions will be set to 3.
  • If you select Advanced as an installation parameter, then the number of content revisions retained by default is directly related to the number of clients associated with the SEPM:
    • Fewer than 500: 3 revisions
    • Between 500 and 1000: 10 revisions
    • More than 1000: 30 revisions

     
If the SEPM was upgraded, the previously configured settings will be preserved (for versions prior to 11.0.2000 (MR2), the default was 10).


To configure the number of content revisions retained in SEPM, follow these steps:
  1. In the Symantec Endpoint Protection Manager console, click Admin > Servers > Local Site.
  2. Right-click Local Site and select Edit Properties.
  3. Click LiveUpdate.
  4. Under "Disk Space Management for Downloads", select the number of content revisions to be retained.

How to manually update definitions for Symantec Endpoint Protection Manager - SEPM using a .jdb file


To download the .jdb certified definitions:
  1. In a browser, go to the "Symantec Endpoint Protection / Symantec Antivirus Corporate Edition" website at the following URL: http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce
  2. There are multiple headings/product categories presented. Be aware that there is only one .jdb in the list that will need to be downloaded. This one file is sufficient to update both the 32-bit and 64-bit definitions on the SEPM.
To download the .jdb Rapid Release definitions:
  1. In a browser, go to the "Rapid Release Virus Definitions" website at the following URL: http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr
  2. Download the available .jdb file and save the file to the Windows desktop.
To use the .jdb file to update definitions for SEPM:
  1. After downloading, you may need to rename the file extension from ".zip" to ".jdb". (Most browsers detect the file type and automatically change the extension. This must be changed back to .jdb for use in the SEPM.)
  2. Copy the .jdb file to "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming" for 32 bit operating systems and to "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming" for 64 bit operating systems. The location listed in this line is the default installation location and is presented as an example only.
  3. The .jdb file will be processed, usually within one minute. As the .jdb file is processed, all files and subfolders are removed from the "Incoming" folder.
Verify that the SEPM content is updated:
  1. To verify that the SEPM content has been updated, look in the following folders:
  2. For SEP 11.0 - Check the following locations:
    32 bit definitions: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}"
    64 bit definitions: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{1CD85198-26C6-4bac-8C72-5D34B025DE35}" 
  3. For SEP 12.1 - Check for the following locations:
    32 bit Definitions : "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{535CB6A4-441F-4e8a-AB97-804CD859100E}"
    64 bit Definitions : "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{07B590B3-9282-482f-BBAA-6D515D3855E2}" 
  4. Typically, there will be three or more numbered folders present. The folder naming convention is "yymmddxxx". For example "100602034". This is the date and build (revision) number of the definition set installed. Please note that the definition set installed may have been published the previous day and a set for the current day may not yet be available.
  5. Looking inside the folder that matches the set downloaded and installed, there should be a folder named "Full" and a zip file named "Full.zip".
  6. Looking inside the "Full" folder, there should be the files typically associated with a virus definition set.
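
A scripted version of the folder check above, as an added example (not Symantec's code and not part of the original post). It assumes PowerShell 3.0 or later, the default SEP 12.1 path and folder GUIDs quoted in the steps, and an illustrative MaxAgeDays threshold; for SEP 11.0, substitute the two GUIDs listed for that version.

```powershell
# Added example, not Symantec's tooling. Save as a .ps1 and run on the SEPM server.
param(
    # Default SEP 12.1 content path quoted above; adjust for your installation.
    [string]$ContentRoot = 'C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content',
    # Assumption: staleness threshold in days, chosen for illustration.
    [int]$MaxAgeDays = 2
)

# SEP 12.1 definition folders as listed in the verification steps.
$Monikers = [ordered]@{
    '32-bit' = '{535CB6A4-441F-4e8a-AB97-804CD859100E}'
    '64-bit' = '{07B590B3-9282-482f-BBAA-6D515D3855E2}'
}

function Get-LatestRevision {
    param([string]$Path)
    $inv   = [cultureinfo]::InvariantCulture
    $style = [System.Globalization.DateTimeStyles]::None
    # Revision folders are named yymmddxxx: publication date plus build number.
    Get-ChildItem -LiteralPath $Path -Directory -ErrorAction SilentlyContinue |
        ForEach-Object {
            if ($_.Name -match '^(\d{6})(\d{3})$') {
                $date = [datetime]::MinValue
                if ([datetime]::TryParseExact($Matches[1], 'yyMMdd', $inv, $style, [ref]$date)) {
                    [pscustomobject]@{ Name = $_.Name; Date = $date
                                       Build = [int]$Matches[2]; Path = $_.FullName }
                }
            }
        } | Sort-Object Date, Build | Select-Object -Last 1
}

foreach ($arch in $Monikers.Keys) {
    $latest = Get-LatestRevision -Path (Join-Path $ContentRoot $Monikers[$arch])
    if (-not $latest) {
        Write-Warning "${arch}: no yymmddxxx revision folder found under $ContentRoot"
        continue
    }
    $age = ((Get-Date).Date - $latest.Date).Days
    [pscustomobject]@{
        Definitions = $arch
        Revision    = $latest.Name
        AgeDays     = $age
        HasFull     = Test-Path -LiteralPath (Join-Path $latest.Path 'Full') -PathType Container
        HasFullZip  = Test-Path -LiteralPath (Join-Path $latest.Path 'Full.zip') -PathType Leaf
        Stale       = $age -gt $MaxAgeDays
    }
}
```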

    Important Notes:
  1. The Intelligent Updater file names for Symantec AntiVirus (SAV) clients end with "i32.exe" or "i64.exe" (32 and 64 bit respectively).
  2. The Intelligent Updater file names for SEP clients end with "v5i32.exe" or "v5i64.exe" (32 and 64 bit respectively).
  3. The Intelligent Updater file name that ends in "x86.exe" is only for specifically listed products and should only be used with those products.
  4. The SEPM updater file has a ".jdb" extension. There should only be one .jdb listed at any time, and it will update content for both 32 and 64 bit systems.
  5. The SAV Parent Server updater file has a ".xdb" extension and only updates 32-bit virus definitions; SAV parent servers do not serve 64 bit definitions. 64 bit systems cannot be SAV parent servers.

Additional Clarification:
The Intelligent Updater .exe files are designed to update client installs for SEP or SAV only. These files do not contain the required files needed by a SEPM or SAV Parent to additionally update any clients attached.