Moving Management Server, DB, Policies etc.

Hi,

I'v inherited a Policy Management Console/Server Version 11.30.60634 - with 4100 Clients and Servers. This is currently running in Windows Server 2003 r2 - This machine is very limited in its resources. I would like to move this to a Server 2012 r2 and would also like to upgrade to F-secure policy manager version 12.x. at the same time.

What would be the best way to do this?

I have read the guide below, but it isn't entirely obvious to me if this keeps all Hierarchies and Policies, and what else might be missing from following that guide.

"Moving Policy Manager Server to a new server"

https://community.f-secure.com/t5/Business/Moving-Policy-Manager-Server-to/ta-p/68727

Find more posts tagged with

Comments

SMunken

Thank you very much for the quick response.

I'll get to it as soon as posible.

Regards

Simon Munk

etomcat

Hello,

>> Moving Policy Manager Server to a new server
>> https://community.f-secure.com/t5/Business/Moving-Policy-Manager-Server-to/ta-p/68727
>
> if this keeps all Hierarchies and Policies?

The line in Knowledge Base article that says "Backup <F-Secure>\Management Server 5\data\h2db\ folder" means the same (because FSPM version 10-11-12 are based on a relational database called H2_Java, which stores all data and a shared directory is no longer used).

> what else might be missing from following that guide?

I would manually export the digital signing keypair admin.pub/.prv using the PMC console and keep them in a safe offline backup, just to make extra sure.

By the way, FSPM 12.00 no longer supports Win2003. I think you should use the Knowledge Base guidance to migrate from Policy Manager 11.31 on Win2003 to Policy Manager 11.31 on Win2012R2. That is a supported platform and the installer is still available here:
https://www.f-secure.com/en/web/business_global/downloads/policy-manager/11

After the endpoints have all migrated and everything is OK, you could then upgrade FSPM 11.31 to 12.00 on the Win2012 R2 server (after making a PM H2 DB backup, of course). In-place version upgrades are one thing F-Secure products do really well.

Then you can upgrade the workstation endpoints to F-Secure CS 12.00 protection, to complete the project and maybe decomission the old Win2003 box?

Best Regards: Tamas Feher, 2F 2000 Kft., Hungary.