cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor Fademidun
Reliable Contributor
Report Inappropriate Content
Message 1 of 7

Migrating from DLP 9.3 to 9.4

Jump to solution

Hello,

Anyone with doc/links/advise on how to migrate DLP from 9.3 to 9.4 then 10.x

Please I need as much info as possible especially from someone who has done this before.

I'm currently running both side by side

Thanks

1 Solution

Accepted Solutions

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

I would recommend going with server 2016 not server 2012. It'll make it less painful in the future for updates. Is it supported going from 2008 SQL to 2016 SQL?

If you're a smaller shop with only a few custom policies I would say start from scratch. This will let you get very familiar with your current policies and show you how to implement them in the new environment especially if you're not the admin who created them to start with. It will also let you revise the policies and make updates to them that you may not have realized were possible before.  The larger your organization the more tedious this becomes. McAfee's new update tool should work well if you decide to do a supported update route instead.

No matter what make sure to make backups. I've done a few ePO updates and while I only had issues with one it took ePO completely off the server and failed to install the new version. Reverting to a backup made recovery easy.

If you use McAfee for Encryption you'll want to read the encryption guide to updating. There are a few caveats especially when moving servers.

Just a warning when you move off from DLP 9.3 the regex syntax changes since McAfee moved to Google's RE2.

View solution in original post

6 Replies
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 2 of 7

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

Discussion successfully moved from Community Support to Data Loss Prevention (DLP)

For better assistance and better exposure.

Cliff
McAfee Volunteer
Highlighted

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

What do you mean you're running both side by side? Are you running all three versions right now or just 9.3 and 9.4?

Reliable Contributor Fademidun
Reliable Contributor
Report Inappropriate Content
Message 4 of 7

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

Of course 9.3 and 9.4

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

Why do you have 9.3 in your environment? Moving over to 10 is a fairly big deal. From the documentation it looks like you'll need to do a fair amount of policy recreation.

Is there a functionality reason why you want to migrate versions? 9.4 doesn't have an EOL date as of now, and it looks like it won't be until at least 2019 judging by the EOL for 9.3

Have you looked into DLP 11 that was recently released? Both migration guides are listed below.

McAfee Corporate KB - Data Loss Prevention 11.x Migration Guide PD27068

McAfee Corporate KB - Data Loss Prevention 10.x Migration Guide PD27013

Reliable Contributor Fademidun
Reliable Contributor
Report Inappropriate Content
Message 6 of 7

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

Thanks for sharing these docs. I've decided to settle for new Build, not that we have a choice anyway as our current environment is on Win2K8 R2/SQL2K8/ePO 5.3.0.400

We're moving to W2K12 R2/W2K16, ePO 5.9 and SQL2K16. So new build, Policy Migration and Upgrade are mandatory (We're waiting for Patch 1 to be release for ePO 5.9)

I have 2 choices either (1) build new environment with new OS-12/16 and SQL-16 and replicate ePO to current version - 5.3.0, migrate all rules and policies etc., move systems then Upgrade to 5.9.1 or (2) start from scratch afresh everything new then migrate and move systems. Whichever option I choose I know for sure it's going to be a fairly big Job.

Honestly DLP 9.4 is non functional, just install to have a feel!

What do you suggest/advise

Re: Migrating from DLP 9.3 to 9.4

Jump to solution

I would recommend going with server 2016 not server 2012. It'll make it less painful in the future for updates. Is it supported going from 2008 SQL to 2016 SQL?

If you're a smaller shop with only a few custom policies I would say start from scratch. This will let you get very familiar with your current policies and show you how to implement them in the new environment especially if you're not the admin who created them to start with. It will also let you revise the policies and make updates to them that you may not have realized were possible before.  The larger your organization the more tedious this becomes. McAfee's new update tool should work well if you decide to do a supported update route instead.

No matter what make sure to make backups. I've done a few ePO updates and while I only had issues with one it took ePO completely off the server and failed to install the new version. Reverting to a backup made recovery easy.

If you use McAfee for Encryption you'll want to read the encryption guide to updating. There are a few caveats especially when moving servers.

Just a warning when you move off from DLP 9.3 the regex syntax changes since McAfee moved to Google's RE2.

View solution in original post

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community