Endpoint Protection

 View Only

Replication and considerations 

May 17, 2011 01:15 PM

Updated on 8th July'15

Replication enables data to be duplicated between databases one separate sites so that both databases contain the same information. If one database fails, you can manage the entire site by using the information on the database from another site.

A partner is a management server on another site with a different database and management servers. A site may have as many partners as needed. Each partner, or remote site, connects to the main site or local site, which is the site that you are logged on to. All sites that are set up as partners are considered to be on the same site farm.

Each site you replicate data with is either a replication partner or a site partner. Both replication partners and site partners use multiple servers, but the database they use and the way they communicate is different:

If you have a legacy Symantec Endpoint Protection 11.0 site in which you use replication, you must turn off replication before you upgrade. Due to a database schema mismatch, the replication of data between legacy and updated databases during or after the upgrade corrupts the database. You must turn off replication at each site that replicates. You must log on to and turn off replication at a minimum of two sites.

Note: SEP 11 version is now End of Life (EOL)

Symantec Endpoint Protection 12.1 and later does not require that you turn off replication before you upgrade. Symantec Endpoint Protection 12.1 and later does not allow replication if the database schema versions do not match

Replication : Replication is duplication of Records

*  Replication causes data to be transferred or forwarded to another SEPM.

*  A replication partner is a SEPM that is part of another site.

*  Sites can have multiple replications partner.

*  Changes made on any partner are replicated to all sites.

*  Policies and groups are replicated.

*  Replication between any supported version of SQL and Embedded database is supported.

Considerations: Before setting up replication.

    1. Minimise number of Sites - Ideally below 5

    2. Network Bandwidth and Link

    3. Network Latency.

    4. Database Size on the Primary site.

    5. If any Firewall, Proxy, Router, etc. exists between 2 sites.

    6. Does these Firewall or Routers have packet scanning mechanism built in, as this can strip the zip  file that is passed on the link.

Considerations: Adding a new Site to an existing replication partner.

   1. Make sure the replication Schedule is not set to “Automatic”.

   2. Make sure Liveupdate schedule is NOT set to “Continuous” or “Every 4 hours” & Replication should not overlap with scheduled Liveupdate session. 

   3. Lower the count of Content revisions in the Liveupdate settings.

   4. Purge SEPM Logs.

   5. Symantec strongly recommends that you do not exceed 10 

Database supported for SQL:

  1. Sybase adaptive server anywhere (ASA) 9.0

  2. Microsoft SQL 2000 Server with SP4

  3. Microsoft SQL 2005 Server with SP2

  4. Microsoft SQL 2008 Server (RU5 onwards)

Best Practices

  1. For more than 3 sites or 1,000 clients: No more frequent than once per day  

  2. Versions of the Policy Manager have to be the same.

  3.  Replication schedules should not overlap.

  4.  If replicating over WAN, only replicate the logs.

  5.  Number of replicated sites should ideally be kept below 5. Ratio will be 1:4 ( i.e 1 primary : 4 seconday )

  6. The value of  “Content revisions to keep” should be set to a  lower value.

  7. If you have configured multiple replication partner then always make sure that the replication schedules won't overlap .This situation can lead to Database Deadlock issues. 

   8. Delete Replication Partners when

            1.Upgrading the Policy Manager.

            2.If any CRT Approved tools need to executed.

            3.Software / Hardware maintenance on the Policy Manager.

            4.Backing up database manually.

Information that need to be gathered for troubleshooting:

 1. Gather Tomcat logs from both the sites.

 2. Gather Tomcat logs from Site 1 and “Install Error” logs from New Site, if the initial replication fails.

 3. IP Addresses and Server Names.

 4. Database Backup (SQL server or Embedded database).

 5. Wireshark logs to check for network issues.

 6. SEP Support tool logs from all the sites. A full data grab is needed.

Replication initiate if there is any change in USN number 

USN stand for Update Sequence Number.

Every record in the database is associated with a USN.

USN is incremented/updated every time there is a change in the records.

Data comparison happens on the basis of the USN.

The USN defines whether a record is to be Added or Modified.

Note : If you wish to move SEPM from one machine to another with the help of replication, Replication is an option, decide whether to go or not.Beacuse if you do replication and remove the old server that is the Primary SEPM , in future if you want to do replication you will not be able to do so.

 

SEP11.x  Replication

You will have to break the replication between SEPM's before doing an upgrade.

SEP 12.1 Replication Advantage : 

Eliminates cross version replication corruption

 

Few helpful links :

How replication works

http://www.symantec.com/docs/HOWTO55328

Managing sites and replication

http://www.symantec.com/docs/HOWTO55322

Adding a replication partner

http://www.symantec.com/docs/HOWTO55466

Changing the automatic replication schedule

http://www.symantec.com/docs/HOWTO55469

Turning on replication after migration or upgrade

http://www.symantec.com/docs/HOWTO55459

Turning off replication before migration

http://www.symantec.com/docs/HOWTO55437

Determining how many sites you need

http://www.symantec.com/docs/HOWTO55399 

Adding replication partner fails, but it still shows up in the Symantec Endpoint Protection Manager console

http://www.symantec.com/docs/TECH162651

Replication error when deleting and restoring replication partner during replication

http://www.symantec.com/docs/TECH162883 

How to install the Symantec Endpoint Protection Manager(s) for replication

http://www.symantec.com/docs/TECH105928 

How to configure the replication schedule for Symantec Endpoint Protection Manager (SEPM)

http://www.symantec.com/docs/TECH104454 

How to add an additional site to configure replication for Symantec Endpoint Protection Manager (SEPM) using an Embedded Database

URL http://www.symantec.com/docs/TECH104455

How to change the host name of the servers running Symantec Endpoint Protection Manager with a replication partner?

http://www.symantec.com/docs/TECH96090

Does Symantec Endpoint Protection Manager support replication between sites running different versions?

http://www.symantec.com/docs/TECH92235

How to Perform Offline Replication between 2 Remote Sites when normal replication is failing due to Bandwidth Issues.

http://www.symantec.com/docs/TECH95122

Turning on replication after migration or upgrade

http://www.symantec.com/docs/HOWTO55459

Video :

 

Statistics
0 Favorited
20 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Apr 13, 2015 03:52 AM

Good one !

Oct 22, 2013 06:25 PM

Wow! This is great stuff!! Thanks

 

Dec 26, 2012 10:09 PM

count on me..
very nice article..

Dec 12, 2012 07:25 AM

Even my vote to you man...

Dec 12, 2012 07:23 AM

My Vote for you. Thanks for assembling replications details together.

Oct 08, 2012 11:35 PM

Yes I must admit that this is such a nice article :-)

Jul 18, 2012 02:46 AM

This is indeed nice article.

Keep it up.

Sep 13, 2011 12:31 AM

Voted for this nice article.

Related Entries and Links

No Related Resource entered.