Manualshelf

Specifications

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
31323334353637383940
Test your upgrade in a VM environment with a copy of your SQL database to make sure the
upgrade works smoothly.
Validate all your settings to confirm they are in place after the upgrade.
Move the server
There might be a time when you need to move your McAfee ePO server from one physical server to
another and maintain all your settings.
For example, when your hardware is old, has failed, or is out of warranty. Or, when you upgrade your
version of ePolicy Orchestrator software and you decide to upgrade your hardware as well.
Make sure you back up the following:
The SQL database is critical. Before you do anything make sure you back up your McAfee ePO
server SQL database in case something goes wrong. The database stores everything about ePolicy
Orchestrator. For example, your tree structure, your product policies, administrators, events, and
server settings.
Back up these items that are outside your database:
Agent keys which secure the communication between the server and all your agents
Software checked into the master repository
Extensions to manage all your product policies
Secure Sockets Layer (SSL) certificates
Server settings such as communication ports
After you have backed up all of this information, follow the installation instructions in the McAfee
ePolicy Orchestrator 4.5 Installation Guide as if it were a brand new server. Then you are left with a
clean database that you replace with your original database that has all your original settings. Restore
the original SQL database, agent keys and SSL certificates. For additional information, see ePO 4.5
server backup and disaster recovery procedure, KnowledgeBase article KB66616.
When you upgrade your McAfee ePO server from one physical server to another, make sure your new
server has the same DNS name and IP address as the old server. This is the ideal situation and
ultimately reduces any potential problems.
Unfortunately, one of these items may need to be changed. For example if you are changing the IP
scheme a new IP address may be required, or if you change the DNS name and keep the old IP
address you have to regenerate the local SSL certificates. See KnowledgeBase article KB66616. Once
your database has been restored, you can turn off your old McAfee ePO server and all agents
automatically start communicating with the new McAfee ePO server.
You must understand how the agents find the McAfee ePO server especially if you are moving your
McAfee ePO server. The agent tries to connect to the McAfee ePO server first using the IP address,
then using the fully qualified DNS name. If you move the McAfee ePO server or change its IP address
the agent attempts to query the DNS to get the IP address for the DNS name. If you are going to
move your McAfee ePO server you must make sure you have good DNS name resolution in your
environment.
Installation and upgrade of ePolicy Orchestrator software
Move the server
5
McAfee
®
ePolicy Orchestrator
®
4.0 and 4.5 Best Practices Guide
39