Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 7717 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HELP! Migration to new Server & Upgrade SEC 4.0.x to 5.x

HendraBozzie

Hi, My Name is Hendra and I am from Indonesian, I am having problems regarding migration to a new server and upgraded.

My customers are already using Sophos Enterprise Console for 898 user since 2009, they are still using the old version (4.0.2362) and intends to be on the upgrade to the latest version v.5.1 and simultaneously move / migration to the new server.

Details for SEC 4.0 server:
- Windows Server 2003 R2 Standard Edition SP2 (32 bit)
- Intel Xeon
- 2GB of RAM
- 20GB Disk capacity
- SQL 2005 Express



Details of SEC 4.0 is installed:
The SEC does not install on drive C: \ but in Drive D: \, but it does not all installed on drive D: \, including:
- "D: \ Program Files \ Sophos \ xxx"

- "D: \ SophosUpdates" (Warehouse share folder)
- "D: \ Temp"
- "C: \ Documents and Settings \ All Users \ Application Data \ Sophos"

  1. Sophos Endpoint Security & 10.0
  2. Using WebCID to enable update Endpoint
  3. There are two Child SUM
  4. NAC Manager is enabled

New server:
- Windows Server 2008 R2 x64 Enterprise
- Intel Xeon
- 4GB of RAM
- 100GB Disk

I've followed the migration to the new server http://www.sophos.com/en-us/support/documentation/enterprise-console.aspx, but I was having problems and fail when restore the database on the new server.

Some I want to ask:

  1. Is the old server needs to first upgrade to version 5.x?
  2. Regarding the old SEC Server installer folder on drive D: \, is on the new server should also be installed on drive D: \?
  3. Many client with an error status, such as

       - Differ policy,
       - Offline status,
       - Out of date protection
       - Auto update from server error

Any suggestions and other ways to solve it?

Thank's
Regards,

Hendra

:38897


This thread was automatically locked due to age.
Parents
  • 0

    Hello Hendra,

    just to make sure, this is my personal opinion (and I'm not Sophos).

    more detail

    What - besides assessing the environment - you have done so far, i.e. which version you attempted to install on the new server (5.1?, then trying to import the 4.0 database and migrate there - or ...?). And which step failed and how (error message).

    If it is possible to discover/find/import the endpoints and push (this can be done for any number with one call of the wizard) the install from SEC (what about the apparently remote sites?) or automate the install on the clients (is this a domain/AD environment?) it's probably better to start from scratch. You'll have a "clean" database with the endpoints that "behave", it might also resolve some of the issues. Knowing that a significant part works you can then tackle the problem clients. Guess it'd be less work in the new environment.

    A slightly different approach is to use the same certificates on the new server, configure RMS in the new CID and from the old server point the clients (possibly per-group) to the new CID. Those which update correctly will "move over" (the will appear in the Unassigned group and you'd have to distribute them to the desired new groups).  BTW: are there clients which roam "outside" or are they always on the internal network?

    Christian

    :38905
Reply
  • 0

    Hello Hendra,

    just to make sure, this is my personal opinion (and I'm not Sophos).

    more detail

    What - besides assessing the environment - you have done so far, i.e. which version you attempted to install on the new server (5.1?, then trying to import the 4.0 database and migrate there - or ...?). And which step failed and how (error message).

    If it is possible to discover/find/import the endpoints and push (this can be done for any number with one call of the wizard) the install from SEC (what about the apparently remote sites?) or automate the install on the clients (is this a domain/AD environment?) it's probably better to start from scratch. You'll have a "clean" database with the endpoints that "behave", it might also resolve some of the issues. Knowing that a significant part works you can then tackle the problem clients. Guess it'd be less work in the new environment.

    A slightly different approach is to use the same certificates on the new server, configure RMS in the new CID and from the old server point the clients (possibly per-group) to the new CID. Those which update correctly will "move over" (the will appear in the Unassigned group and you'd have to distribute them to the desired new groups).  BTW: are there clients which roam "outside" or are they always on the internal network?

    Christian

    :38905
Children
No Data