Migration from SEC to Central

I've just been through this process, and it's fairly painless.  The main issue is that the migration tool doesn't work if you have any additional SUMs set up, so in my case I had to switch everything to update from our main site before I could start the process.  You also have to disable tamper protection and application control, but this will all be re-enabled once the machines have migrated.

If you have any specific application control lists or settings you need, you'll want to set these up in Central first.  Settings will not migrate! Common exclusions are set automatically though, so you don't need to worry about things like SQL and Exchange servers.

If you have any 2003 servers, they won't migrate as this is no longer supported.

I'm afraid I haven't migrated any machines protected by Bitlocker though, so can't help there. In theory it shouldn't make any difference, but you might want to test it on an expendable machine first!

Another thing worth watching for is if you have more than one site, you might want to set up Update Cache servers first to save bandwidth (similar to SUMs in SEC), and then either set firewall rules to block clients from trying to update from another site or manually assign each machine to a Cache Server - details are at https://community.sophos.com/kb/en-us/122577

Personally, I prefer the firewall route as it means machines will update from the local server if they move from one site to another (laptops, etc...). It depends on your network setup, but I found that without the firewall rules I had clients in one site trying to update over a VPN from a Cache Server located at the other end of a satellite link!

Many Thanks RBGE, that's good info. to know. Much appreciated.

Many Thanks RBGE, that's good info. to know. Much appreciated.