A site consists of one database, one or more management servers, and clients. By
default, you deploy Symantec Endpoint Protection with a single site. Organizations
with more than one datacenter or physical location generally use multiple sites.
This presentation gives you a general overview of Simple Network Management Protocol covering different SNMP versions, simple commands, MIBs, OIDs and Traps.
A beginners guide to get familiar with the Linux and learn the most commonly and frequently used commands. Most of the commands are expected to run across all well known Linux distributions. Plus, there are a few commands for the advanced users as well.
Trabajo de fin de Ciclo Formativo Grado Superior en Administración de Sistemas en red (ASIR/ASIX).
El trabajo consiste en un proyecto de virtualizacion de servidores para dar una alta disponibilidad (HA) mediante el sistema Proxmox. El servicio a dar en cuestión finalmente fue de un servidor proxy y web, por falta de tiempo y problemas con la configuración de Zentyal, fue imposible su instalación.
A webinar that looks into the new features that the Windows Server 2016 will offer in the DNS, DHCP and IPv6 space.
Showcase of some of the new stuff using the latest tech preview and the aim is to give administrators a quick overview of the Windows Server 2016 and enough information to decide if early adoption is worthwhile.
This presentation gives you a general overview of Simple Network Management Protocol covering different SNMP versions, simple commands, MIBs, OIDs and Traps.
A beginners guide to get familiar with the Linux and learn the most commonly and frequently used commands. Most of the commands are expected to run across all well known Linux distributions. Plus, there are a few commands for the advanced users as well.
Trabajo de fin de Ciclo Formativo Grado Superior en Administración de Sistemas en red (ASIR/ASIX).
El trabajo consiste en un proyecto de virtualizacion de servidores para dar una alta disponibilidad (HA) mediante el sistema Proxmox. El servicio a dar en cuestión finalmente fue de un servidor proxy y web, por falta de tiempo y problemas con la configuración de Zentyal, fue imposible su instalación.
A webinar that looks into the new features that the Windows Server 2016 will offer in the DNS, DHCP and IPv6 space.
Showcase of some of the new stuff using the latest tech preview and the aim is to give administrators a quick overview of the Windows Server 2016 and enough information to decide if early adoption is worthwhile.
Slides from a presentation I gave on SSH. Covers basics of ssh, password|keys|host-based authentication, agent/key forwarding, configuration files (global and user-specific), local/remote port forwarding, scp, rsync, and briefly mentions git's support.
Increase security, evolve your datacentre, and innovate faster with Microsoft Windows Server 2016—the cloud-ready operating system.
Learn more about:
» Windows Server 2016 as the 4th Era of Windows Server
» Editions & features
» Hardware requirements
» Features:
• Nano server
• Containers
• Hyper-V Hot-Add Virtual Hardware
• Nested Virtualization
Introduction to users and groups in Linux. We will explore how to set user expiry information and force user password change after certain period of time. We will be also providing different permission to users and groups and restricting users and groups operations using sudoers file
● Fundamentals
● Key Components
● Best practices
● Spring Boot REST API Deployment
● CI with Ansible
● Ansible for AWS
● Provisioning a Docker Host
● Docker&Ansible
https://github.com/maaydin/ansible-tutorial
Unifying Network Filtering Rules for the Linux Kernel with eBPFNetronome
At the core of fast network packet processing lies the ability to filter packets, or in other words, to apply a set of rules on packets, usually consisting of a pattern to match (L2 to L4 source and destination addresses and ports, protocols, etc.) and corresponding actions (redirect to a given queue, or drop the packet, etc.). Over the years, several filtering frameworks have been added to Linux. While at the lower level, ethtool can be used to configure N-tuple rules on the receive side for the hardware, the upper layers of the stack got equipped with rules for firewalling (Netfilter), traffic shaping (TC), or packet switching (Open vSwitch for example).
In this presentation, Quentin Monnet reviewed the needs for those filtering frameworks and the particularities of each one. Then focuses on the changes brought by eBPF and XDP in this landscape: as BPF programs allow for very flexible processing and can be attached very low in the stack—at the driver level, or even run on the NIC itself—they offer filtering capabilities with no precedent in terms of performance and versatility in the kernel. Lastly, the third part explores potential leads in order to create bridges between the different rule formats and to make it easier for users to build their filtering eBPF programs.
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and ReportingDsunte Wilson
Symantec Endpoint Protection collects information about the security events in your network. You can use log and reports to view these events, and you can use notifications to stay informed about the events as they occur.
Slides from a presentation I gave on SSH. Covers basics of ssh, password|keys|host-based authentication, agent/key forwarding, configuration files (global and user-specific), local/remote port forwarding, scp, rsync, and briefly mentions git's support.
Increase security, evolve your datacentre, and innovate faster with Microsoft Windows Server 2016—the cloud-ready operating system.
Learn more about:
» Windows Server 2016 as the 4th Era of Windows Server
» Editions & features
» Hardware requirements
» Features:
• Nano server
• Containers
• Hyper-V Hot-Add Virtual Hardware
• Nested Virtualization
Introduction to users and groups in Linux. We will explore how to set user expiry information and force user password change after certain period of time. We will be also providing different permission to users and groups and restricting users and groups operations using sudoers file
● Fundamentals
● Key Components
● Best practices
● Spring Boot REST API Deployment
● CI with Ansible
● Ansible for AWS
● Provisioning a Docker Host
● Docker&Ansible
https://github.com/maaydin/ansible-tutorial
Unifying Network Filtering Rules for the Linux Kernel with eBPFNetronome
At the core of fast network packet processing lies the ability to filter packets, or in other words, to apply a set of rules on packets, usually consisting of a pattern to match (L2 to L4 source and destination addresses and ports, protocols, etc.) and corresponding actions (redirect to a given queue, or drop the packet, etc.). Over the years, several filtering frameworks have been added to Linux. While at the lower level, ethtool can be used to configure N-tuple rules on the receive side for the hardware, the upper layers of the stack got equipped with rules for firewalling (Netfilter), traffic shaping (TC), or packet switching (Open vSwitch for example).
In this presentation, Quentin Monnet reviewed the needs for those filtering frameworks and the particularities of each one. Then focuses on the changes brought by eBPF and XDP in this landscape: as BPF programs allow for very flexible processing and can be attached very low in the stack—at the driver level, or even run on the NIC itself—they offer filtering capabilities with no precedent in terms of performance and versatility in the kernel. Lastly, the third part explores potential leads in order to create bridges between the different rule formats and to make it easier for users to build their filtering eBPF programs.
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and ReportingDsunte Wilson
Symantec Endpoint Protection collects information about the security events in your network. You can use log and reports to view these events, and you can use notifications to stay informed about the events as they occur.
SYMANTEC ENDPOINT PROTECTION Administration IntroductionDsunte Wilson
Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, Windows and Mac computers, and servers in your network against malware.
Symantec Endpoint Protection combines virus protection with advanced threat protection to proactively secure your computers against known and unknown threats.
IBM BladeCenter Fundamentals Introduction Dsunte Wilson
After completing this unit, you should be able to:
List the major elements common to the IBM BladeCenter
Describe the key aspects of compatibility between BladeCenter models
Identify the components providing redundancy in the BladeCenter chassis
Match the power components necessary to support varying BladeCenter resource configurations
List the power input requirements for the BladeCenter models
Describe the common cooling components used in the BladeCenter chassis
Describe the supported disk configurations for the BladeCenter S
WP Ultimo is a WordPress Multisite plugin that enables you to offer a WaaS or Websites as a Service to customers. Before we dive in and learn how WP Ultimo can help your business and customers there is some foundational knowledge that we need to acquire.
If you are preparing for SCCM interview questions and wanted to have an Ultimate Real Time Q&A docs, then this is just for you.
Get another Questionnaire Top Most Asked SCCM INTERVIEW questions prepared for you only.
Drop your request on "mirabhavdigital@gmail.com" with comment " SCCM YES"
Quickly learn how to drive patchVantage and understand the benefits using the presentation in conjunction with the AWS Cloud Instance. This is a real-time actual Oracle Database Administration session
SYMANTEC ENDPOINT PROTECTION Interfacing the SEPM with Protection CenterDsunte Wilson
Protection Center lets you manage Symantec Endpoint Protection together with other Symantec products in a single environment. Symantec Endpoint Protection is integrated with Protection Center by means of a series of Web services.
These Web services provide communication between the Symantec Endpoint Protection Manager server and the Protection Center server.
SYMANTEC ENDPOINT PROTECTION Performing Server and Database ManagementDsunte Wilson
You can centrally manage all types of servers from the Admin page in the Symantec Endpoint Protection Manager Console.
The Admin page, under View Servers, lists the following groupings:
■ Local Site
The console on the local site, databases, replication partners, such as other consoles whose databases replicate, and optional Enforcers
■ Remote Sites
The console on any remote site, databases, replication partners, such as other management servers whose databases replicate, and optional Enforcers
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
2. ABOUT SITES AND REPLICATION
A site consists of one database, one or more management servers,
and clients. By
default, you deploy Symantec Endpoint Protection with a single site.
Organizations
with more than one datacenter or physical location generally use
multiple sites.
2
3. ABOUT SITES AND REPLICATION
Before you set up multiple sites and replication, make sure that it is
necessary.
Symantec recommends that you set up replication only in specific
circumstances.
If you do add an additional site, decide which site design works for
your organization.
3
4. ABOUT SITES AND REPLICATION
When you install Symantec Endpoint Protection for the first time, by
default you have installed the first site, or the local site.
You install the management server for the second site by using the
Management Server Configuration wizard. In the wizard, click the
Install an additional site option and following the instructions in the
wizard.
4
5. ABOUT SITES AND REPLICATION
The second management server is classified as a remote site and
called a replication partner. When you add the second site as a
replication partner, you perform the following tasks:
■ By default, replication is scheduled to occur automatically. However,
you can change the replication schedule, based on the amount of disk
space that is available.
■ Choose whether to replicate logs, client installation packages, or
LiveUpdate content.
5
6. ABOUT SITES AND REPLICATION
The first time that the databases between the two sites replicate, let
the replication finish completely. The replication may take a long time
because the entire database gets replicated.
You may want to replicate the data immediately, rather than waiting
until the database are scheduled to replicate. You can also change the
replication schedule to occur earlier or later.
6
7. HOW REPLICATION WORKS
Replication is the process of sharing information between databases
to ensure that the content is consistent.
You can use replication to increase the number of database servers
that are available to clients and thereby reduce the load on each.
Replication is typically set up during the initial installation.
7
9. HOW REPLICATION WORKS
A replication partner is another site with one database server. It also
has a connection to the site that you designate as a main site or a
local site.
A site may have as many replication partners as needed. All
replication partners share a common license key.
The changes that you made on any replication partner are duplicated
to all other replication partners whenever Symantec Endpoint
Protection Manager is scheduled to replicate data.
9
10. HOW REPLICATION WORKS
Replication partners are listed on the Admin page.
You can display information about replication partners by selecting
the partner in the tree.
All sites typically have the same type of database.
You can, however, set up replication between sites by using different
types of databases. In addition, you can also set up replication
between an embedded database and an MS SQL database.
10
11. HOW REPLICATION WORKS
If you use an embedded database, you can only connect one
Symantec Endpoint Protection Manager to it because of configuration
requirements.
If you use anMS SQL database, you can connect multiple management
servers or share one database.
Only the first management server needs to be set up as a replication
partner.
11
12. HOW REPLICATION WORKS
All sites that are set up as replication partners are considered to be
on the same site farm.
Initially, you install the first site, then install a second site as a
replication partner.
A third site can be installed and set up to connect to either of the first
two sites.
You can add as many sites as needed to the site farm.
You can delete replication partners to stop the replication.
Later you can add that replication partner back to make the
databases consistent. However, some changes may collide.
12
13. HOW REPLICATION WORKS
You can set up data replication during the initial installation or at a
later time.
When you set up replication during the initial installation, you can also
set up a schedule for the synchronization of the replication partners.
13
14. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
If administrators make changes on at each replication site
simultaneously, some changes may get lost.
If you change the same setting on both sites and a conflict arises, the
last change is the one that takes effect when replication occurs.
For example, site 1 (New York) replicates with site 2 (Tokyo) and site
2 replicates with site 3 (London).
You want the clients that connect to the network in New York to also
connect with the Symantec Endpoint Protection Manager in New York.
However, you do not want them to connect to the management server
in either Tokyo or London.
14
15. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
When you set up replication, client communication settings are also
replicated. Therefore, you need to make sure that the communication
settings are correct for all sites on the site farm in the following
manner:
■ Create generic communication settings so that a client's connection is
based on the type of connection. For example, you can use a generic
DNS name, such as symantec.com for all sites on a site farm.
Whenever clients connect, the DNS server resolves the name and
connects the client to the local Symantec Endpoint Protection Manager.
■ Create specific communication settings by assigning groups to sites
so that all clients in a group connect to a designated management
server.
15
16. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
For example, you can create two groups for clients at site 1, two
different groups for site 2, and two other groups for site 3.
You can apply the communication settings at the group level so clients
connect to the designated management server.
You may want to set up guidelines for managing location settings for
groups.
Guidelines may help prevent conflicts from occurring on the same
locations.
You may also help prevent conflicts from occurring for any groups that
are located at different sites.
16
17. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
After replication occurs, the database on site 1 and the database on
site 2 are the same.
Only computer identification information for the servers differs.
If administrators change settings on all sites on a site farm, conflicts
can occur.
For example, administrators on site 1 and site 2 can both add a group
with the same name.
If you want to resolve this conflict, both groups then exist after
replication. However, one of them is renamed with a tilde and the
numeral 1 (~1).
17
18. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
If both sites added a group that is called Sales, after replication you
can see two groups at both sites.
One group is called Sales and the other is called Sales 1.
This duplication occurs whenever a policy with the same name is
added to the same place at two sites.
If duplicate network adapters are created at different sites with the
same name, a tilde and the numeral 1 (~1) is added. The two symbols
are added to one of the names.
18
19. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
If different settings are changed at both sites, the changes are
merged after replication.
For example, if you change Client Security Settings on site 1 and
Password Protection on site 2, both sets of changes appear after
replication.
Whenever possible, changes are merged between the two sites.
If policies are added at both sites, new policies appear on both sites
after replication.
Conflicts can occur when one policy is changed at two different sites.
If a policy is changed at multiple sites, the last update of any change
is then maintained after replication.
19
20. SYMANTEC ENDPOINT PROTECTION
REPLICATION SCENARIOS
If you perform the following tasks with the replication that is scheduled
to occur every hour on the hour:
■ You edit the AvAsPolicy1 on site 1 at 2:00 P.M.
■ You edit the same policy on site 2 at 2:30 P.M.
Then only the changes that have been completed on site 2 appear
after replication is complete when replication occurs at 3:00 P.M.
If one of the replication partners is taken offline, the remote site may
still indicate the status as online.
20
21. CONFIGURING REPLICATION
Adding and disconnecting a replication partner
If you want to replicate data with another site, you may have already
set it up during the initial installation.
If you did not set up replication during the initial installation, you can
do so now by adding a replication partner.
Multiple sites are called a site farm whenever they are set up as
replication partners.
You can add any site on the site farm as a replication partner.
21
22. CONFIGURING REPLICATION
Disconnecting replication partners
Deleting a replication partner merely disconnects a replication
partner from Symantec Endpoint Protection Manager.
It does not delete the site.
You can add the site back later if you need to do so by adding a
replication partner.
22
23. CONFIGURING REPLICATION
Replicating data on demand
Replication normally occurs according to the schedule that you set up
when you added a replication partner during installation.
The site with the smaller ID number initiates the scheduled replication.
At times, you may want replication to occur immediately.
23
24. CONFIGURING REPLICATION
Changing replication frequencies
Replication normally occurs according to the schedule that you set up
when you added a replication partner during the initial installation.
The site with the smaller ID number initiates the scheduled replication.
When a replication partner has been established, you can change the
replication schedule.
When you change the schedule on a replication partner, the schedule
on both sides is the same after the next replication.
24
25. CONFIGURING REPLICATION
Replicating client packages and LiveUpdate content
You can replicate or duplicate client packages and LiveUpdate
content between the local site and this partner at a remote site.
You may want to copy the latest version of a client package or
LiveUpdate content from a local site to a remote site.
The administrator at the remote site can then deploy the client
package and LiveUpdate content.
25
26. CONFIGURING REPLICATION
If you decide to replicate client packages and LiveUpdate content,
you may duplicate a large volume of data.
Should you replicate many packages, the data may be as large as 5
GB.
Both Symantec Endpoint Protection and Symantec Network Access
Control 32- bit and 64-bit installation packages may require as much
as 500 MB of disk space.
26
27. CONFIGURING REPLICATION
Replicating logs
You can specify that you want to replicate or duplicate logs as well as
the database of a replication partner.
You can specify the replication of logs when adding replication
partners or by editing the replication partner properties.
If you plan to replicate logs, make sure that you have sufficient disk
space for the additional logs on all the replication partner computers.
27
28. FAILOVER AND LOAD BALANCING
The client computers must be able to connect to a management server
at all times to download the security policy and to receive log events.
Failover is used to maintain communication with a Symantec Endpoint
Protection Manager when the management server becomes
unavailable.
Load balancing is used to distribute client management between
multiple management servers.
28
29. FAILOVER AND LOAD BALANCING
You can set up failover and load balancing if you use a Microsoft SQL
Server database.
You can set up failover with the embedded database, but only if you
use replication.
When you use replication with an embedded database, Symantec
recommends that you do not configure load balancing, as data
inconsistency and loss may result.
To set up failover and load balancing, you add multiple management
servers or Enforcers to a management server list.
29
30. FAILOVER AND LOAD BALANCING
You can install two or more management servers that communicate
with one Microsoft SQL Server database and configure them for
failover or load balancing.
Since you can install only one Symantec Endpoint Protection Manager
to communicate with the embedded database, you can set up failover
only if you replicate with another site.
When you use replication with an embedded database, Symantec
recommends that you do not configure load balancing, as data
inconsistency and loss may result.
30
31. FAILOVER AND LOAD BALANCING
A management server list is a prioritized list of management servers
that is assigned to a group.
You should add at least two management servers to a site to
automatically distribute the load among them.
You can install more management servers than are required to handle
your clients to protect against the failure of an individual management
server. In a custom management server list, each server is assigned to
a priority level
31
32. FAILOVER AND LOAD BALANCING
A client that comes onto the network selects a priority one server to
connect to at random.
If the first server it tries is unavailable and there are other priority
one servers in the list, it randomly tries to connect to another.
If no priority one servers are available, then the client tries to connect
to one of the priority two servers in the list.
This method of distributing client connections randomly distributes the
client load among your management servers.
32
34. FAILOVER AND LOAD BALANCING
In a failover configuration, all clients send traffic to and receive traffic
from server 1.
If server 1 goes offline, all clients send traffic to and receive traffic
from server 2 until server 1 comes back online.
The database is illustrated as a remote installation, but it also can be
installed on a computer that runs the Symantec Endpoint Protection
Manager.
34
35. FAILOVER AND LOAD BALANCING
You may also want to consider failover for content updates, if you
intend to use local servers.
All the components that run LiveUpdate can also use a prioritized list
of update sources.
Your management servers can use a local LiveUpdate server and
failover to LiveUpdate servers in other physical locations.
35
Editor's Notes
Symantec recommends that you add a maximum of five sites in the site farm.
The use of internal LiveUpdate servers, Group Update Providers, and sitereplication does not provide load balancing functionality. You should not set upmultiple sites for load balancing.