SAV10 migration steps

Starting the SAV10 server infrastructure process…

  1. Download and install LU Admin v1.5.4, required to fetch SAV10 updates for our internal LiveUpdate FTP server. Installed over existing version, purged and re-downloaded alll current SAV/NAV related files, and also updates for Symantec products commonly used at UVM. note: needed to set the LU Admin tool to “download previously retrieved updates” during the initial download… otherwise it refuses to get new definitions!
  2. Uninstall Quarantine, Quarantine Console, and Symantec System Center on Norton1, Norton2.
  3. Attempt to run SAV installer by running setup.exe at the root of the SAV10 CD… setup appears to run, but all it actually does is remove files from the server! Aargh! Attempt to use the “Server Deployment” tool to push updates to Norton1 and Norton2… the wizard forces me to re-create the “UVM Antivirus 1” group, and to specify a username/password for the group… I do this. The wizard then copies installer files to the hosts, and then hangs for half an hour. I am forced to cancel the installation.
  4. reboot both systems, then attempt to run the regualr installer again. This time, the installer works (although SAV is now installed in the default “%systemdrive%program filesSymantec AntiVirus” folder, instead of the original folder from the SAV 9 install. Hmmm….
  5. install Central Quarantine on Norton1. Install system center and quarantine console on norton1 and norton2
  6. Upon launching SSC, there are now two “UVM AntiVirus 1” groups, each with one of the NORTON parent servers. The group with NORTON1 is non-functional, as it reports that NORTON1 is DOWN (even though Norton1 appears to be running all of its Symantec services). Aargh!
  7. Fix hangs when attempting to view NORTON1 history files by archiving old (and probably corrupt log files. To do this, I stop the SAV service, then remove all files from c:documents and settingsall usersapplication datasymantecsymantec antivirus corporate edition7.5logs.
  8. SSC listing of NORTON1 system status as “down” could be the result of server overload… see symantec KB article:
    http://service1.symantec.com/SUPPORT/ent-security.nsf/529c2f9adcf33a1088256e22005026f1/6a0fbf5fc81a6c9588256d6c0060fa5e?OpenDocument&prod=Symantec%20AntiVirus%20Corporate%20Edition&ver=9.0&src=ent&pcode=sav_ce&dtype=corp&svy=&prev=&miniver=savce_9.0

    nope… that did not help at all…
  9. called Symantec tech support. They speculated that the upgrade of the “UVM AntiVirus 1” server group was botched. The workaround was to first move the functioning “Norton2” server to a new, separate server group. Next, we remove the HKLMsoftwareintellandeskvirusprotect6domaindata registry key (after backing up the registry). This effectively lobotomizes Norton1, and makes it forget that it is the primary server in the AV group. After a reboot, the UVM AV 1 group is again accessible via SSC. We re-promote NORTON1 to primary server of the group, and move Norton2 back in. Our AV group policies are totally shot, so I need to rebuild all policies. Joy.
  10. Scheduled tasks on the operating systems have stopped running. Reason is that path to .exe files changed with the upgrade. I have updated all of the executable paths.
  11. Roaming services have been implemented… this will allow SAV 9+ clients to load balance between NORTON1 and NORTON2 parent servers.
  12. Important SAV10 server settings… new feature is “performance tuning”… I needed to activate management of back-level SAV clients. Also, I set options to skip over clients that are not checking in with the parent server. This will allow faster push of updated definitions as they become avialable.
Advertisements