To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Moving Management Server, DB, Policies etc.

SMunken
SMunken Posts: 10 Security Scout
in Business Suite

Hi,

 

I'v inherited a Policy Management Console/Server Version 11.30.60634 - with 4100 Clients and Servers. This is currently running in Windows Server 2003 r2 - This machine is very limited in its resources. I would like to move this to a Server 2012 r2 and would also like to upgrade to F-secure policy manager version 12.x. at the same time.

 

What would be the best way to do this?

 

I have read the guide below, but it isn't entirely obvious to me if this keeps all Hierarchies and Policies, and what else might be missing from following that guide.

 

"Moving Policy Manager Server to a new server"

https://community.f-secure.com/t5/Business/Moving-Policy-Manager-Server-to/ta-p/68727

Comments

  • etomcat
    etomcat Posts: 1,172 Firewall Master

    Hello,

     

    >> Moving Policy Manager Server to a new server
    >> https://community.f-secure.com/t5/Business/Moving-Policy-Manager-Server-to/ta-p/68727
    >
    > if this keeps all Hierarchies and Policies?

    The line in Knowledge Base article that says "Backup <F-Secure>\Management Server 5\data\h2db\ folder" means the same (because FSPM version 10-11-12 are based on a relational database called H2_Java, which stores all data and a shared directory is no longer used).

    > what else might be missing from following that guide?

    I would manually export the digital signing  keypair admin.pub/.prv using the PMC console and keep them in a safe offline backup, just to make extra sure.

    By the way, FSPM 12.00 no longer supports Win2003. I think you should use the Knowledge Base guidance to migrate from Policy Manager 11.31 on Win2003 to Policy Manager 11.31 on Win2012R2. That is a supported platform and the installer is still available here:
    https://www.f-secure.com/en/web/business_global/downloads/policy-manager/11

     

    After the endpoints have all migrated and everything is OK, you could then upgrade FSPM 11.31 to 12.00 on the Win2012 R2 server (after making a PM H2 DB backup, of course). In-place version upgrades are one thing F-Secure products do really well.

     

    Then you can upgrade the workstation endpoints to F-Secure CS 12.00 protection, to complete the project and maybe decomission the old Win2003 box?

     

    Best Regards: Tamas Feher, 2F 2000 Kft., Hungary.

  • SMunken
    SMunken Posts: 10 Security Scout

    Thank you very much for the quick response.

     

    I'll get to it as soon as posible.

     

     

    Regards

     

    Simon Munk

This discussion has been closed.

Categories