Leo
asked on
Sophos Database move
Current Configuration
SERVER1
Sophos Enterprise Console v4.0.0.2362
Deploys Sophos Endpoint Client v9.5
Approximately 95% of clients and servers using this client.
Server2
Sophos Enterprise Console v5.2.0.644
Deploys Sophos Endpoint Client v10
SQL1
Sophos Enterprise Console v5.2.0.644 Database Server
We want to move all clients and servers to v10 as soon as possible. The problem with Server2 is that the database is on SQL1. So with that in mind, the ideal results is the following:
Desired Configuration
Server2
Sophos Enterprise Console v5.2.0.644
Deploys Sophos Endpoint Client v10
SQL3
Sophos Enterprise Console v5.2.0.644 Database Server
Is it possible to migrate the database from SQL1 to SQL3 for the Enterprise console installed on Server2?
Once the console is installed and running, a migration plan for clients and servers will be required.
SERVER1
Sophos Enterprise Console v4.0.0.2362
Deploys Sophos Endpoint Client v9.5
Approximately 95% of clients and servers using this client.
Server2
Sophos Enterprise Console v5.2.0.644
Deploys Sophos Endpoint Client v10
SQL1
Sophos Enterprise Console v5.2.0.644 Database Server
We want to move all clients and servers to v10 as soon as possible. The problem with Server2 is that the database is on SQL1. So with that in mind, the ideal results is the following:
Desired Configuration
Server2
Sophos Enterprise Console v5.2.0.644
Deploys Sophos Endpoint Client v10
SQL3
Sophos Enterprise Console v5.2.0.644 Database Server
Is it possible to migrate the database from SQL1 to SQL3 for the Enterprise console installed on Server2?
Once the console is installed and running, a migration plan for clients and servers will be required.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes it should be possible but migration is also not trivial - I suggest you seek your professional expertise service from Sophos or SI on the specific step to suite actual environment - it is always to be more cautions and prepared (murphy's law)
What are the key steps?
To migrate Control Center to a new server, you carry out these steps:
Collect existing information from the old server.
Prepare the new server.
Install Control Center on the new server.
Import database to new server.
Update database information with your new server information.
Download endpoint security software on the new server.
Change the account used by endpoints for updates from the server.
Remove management software from 'old server'.
Redirect endpoint computers to report to the new server.
Redirect any remote consoles to the new management server.
These steps are described in the sections below.
Known to apply to the following Sophos product(s) and version(s)
Sophos Control Center 4.0.0
Sophos Control Center 4.1
Sophos Control Center 4.0.1
http://www.sophos.com/en-us/support/knowledgebase/117150.aspx
What are the key steps?
To migrate Control Center to a new server, you carry out these steps:
Collect existing information from the old server.
Prepare the new server.
Install Control Center on the new server.
Import database to new server.
Update database information with your new server information.
Download endpoint security software on the new server.
Change the account used by endpoints for updates from the server.
Remove management software from 'old server'.
Redirect endpoint computers to report to the new server.
Redirect any remote consoles to the new management server.
These steps are described in the sections below.
Known to apply to the following Sophos product(s) and version(s)
Sophos Control Center 4.0.0
Sophos Control Center 4.1
Sophos Control Center 4.0.1
http://www.sophos.com/en-us/support/knowledgebase/117150.aspx
ASKER
Thanks for your information.
I just want to move the DB from one server to another, for that do i have to Install Control Center on the new one? and take it out from the old one?
or i can just import DB to new SQL server and then update the registry settings, and leave everything else.
I just want to move the DB from one server to another, for that do i have to Install Control Center on the new one? and take it out from the old one?
or i can just import DB to new SQL server and then update the registry settings, and leave everything else.
The control center will just need to point to the database server..thought the link already spell out the importing and backup and pointing for new server. As mentioned already you will need to backup as long as you want to install or upgrade in existing or new server...the link in last posting states those and will preach you to see through.
ASKER
I am writing a complete procedure to move the DB, i will post it soon kindly review it and let me know if i had missed something.
In the mean while, I logged on to old SQL server, there are 5 DBs related to Sophos, which one i have to move and restore?
DB.jpg
In the mean while, I logged on to old SQL server, there are 5 DBs related to Sophos, which one i have to move and restore?
DB.jpg
You will want to check this out first and d ohave backup first as it is suggested below too. They started from 5.0 (backup, restore, test "database" account) then 5.1 (create db), then run 5.1 installer to upgrade srv and console. I am not so savvy with Sophos but if you already backup then do try to also test in staging - best get the site support on your contracted service to advise ...
http://community.sophos.com/t5/Sophos-EndUser-Protection/changing-SQL-instance-for-Enterprise-console/m-p/35023
And this PDF on upgrade version
http://www.sophos.com/en-us/medialibrary/PDFs/documentation/sec_52_ugeng.pdf
But I do see that this below of more relevance esp the UpgradeDB.exe in 2nd link (it is executed from old db ver to copy over to new ver)
http://www.sophos.com/en-us/support/knowledgebase/28276.aspx
http://www.sophos.com/en-us/support/knowledgebase/65420.aspx
http://community.sophos.com/t5/Sophos-EndUser-Protection/changing-SQL-instance-for-Enterprise-console/m-p/35023
And this PDF on upgrade version
http://www.sophos.com/en-us/medialibrary/PDFs/documentation/sec_52_ugeng.pdf
But I do see that this below of more relevance esp the UpgradeDB.exe in 2nd link (it is executed from old db ver to copy over to new ver)
http://www.sophos.com/en-us/support/knowledgebase/28276.aspx
http://www.sophos.com/en-us/support/knowledgebase/65420.aspx
ASKER
Thanks.
I am going to do it tomorrow, i have put a guidline on how i am planning to do it, kindly check it and let me know if i have missed anything or if there is anything which needs amendment.
Sophos-DB.docx
I am going to do it tomorrow, i have put a guidline on how i am planning to do it, kindly check it and let me know if i have missed anything or if there is anything which needs amendment.
Sophos-DB.docx
Quite detailed and I assumed you have done it or rehearsed in staging environment. If not pls do so as migrating db may not always be trival. The old server should not be tampered and be always ready to rollback as active instance till the new server is proven ok. Performance will only be gauge to run probably for a week or two depending on user base size.
Actually it will always be good to have expected outcome and the observed outcome checklist rather than steps. Remarks to highlight steps not to be skip and abandoned if not completed. The db team need to be on standby.
Also when db is down, will error from client polling for it be served with or flooded with errors causing unnecessary alarm to users and operation admin. This is to manage the comms side before any major upgrade etc...
Best to have sophos support on standby please as always preached to be wary for worst case and preemptive action.
ault comes if the restore from backup failedas never been verified but assume
Actually it will always be good to have expected outcome and the observed outcome checklist rather than steps. Remarks to highlight steps not to be skip and abandoned if not completed. The db team need to be on standby.
Also when db is down, will error from client polling for it be served with or flooded with errors causing unnecessary alarm to users and operation admin. This is to manage the comms side before any major upgrade etc...
Best to have sophos support on standby please as always preached to be wary for worst case and preemptive action.
ault comes if the restore from backup failedas never been verified but assume
Ignore the last statement as it simply meant to verify the backup which I heard of case recovery failed and versioning caused data corruption due to unknown backup version for full and increment.
ASKER
just a quick question, under Sophos Enterprise Console, in Policies--> Anti-Virus and HIPS, i have created a policy, how can i attach it to Group Policy OU? because when i right click on this Policy and select View Groups using Group Policy i get a message that the policy is not assigned to any group.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
just curious how is it going if possible to share ...thanks
ASKER
Also regarding your last point " How to redirect Windows endpoint to a new management Server" Sophos will be on the same server, its just the DB for Sophos needs to be moved, so what will be the migration plan for clients to the new version? Testing, migration process, computers to migrate etc.