cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Best Approach For Migrating ePO 5.3 FIPS To New 5.10 Server?

When we migrated ePO from 4.x to 5.x a few years ago, I had built out a new 5.x environment and followed the instructions to migrate over the policies/tasks per KB88822.  Then I pushed the agent package from the new ePO server to all the clients.  Back then our 4.x system was not running FIPS mode and we only used the VSE module.  Our current 5.3 system is running FIPS mode and we use Drive Encryption in addition to VSE.

I came across KB83186 and PD27693 for transferring DE-enabled systems to a new ePO system.  Would this process hold true for a FIPS scenario?  Is there any other special requirements for migrating a FIPS server?  Would the new 5.10 enivornment also need to be FIPS-enabled for the migration to work?

Thanks!

 

 

3 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Best Approach For Migrating ePO 5.3 FIPS To New 5.10 Server?

Migrating DE systems in any scenario is more a question for that team - I will move the post over to them.  Yes, your 5.10 server would also need to be in fips mode, unless you redeploy agents with a forceinstall from the other server.  But that might not be desirable for your DE systems.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted

Re: Best Approach For Migrating ePO 5.3 FIPS To New 5.10 Server?

Thanks for your reply.  Making the new 5.10 system run in FIPS mode shouldn't be a problem.  Are there any other requirements for the transfer?  I assume the keys don't need to be transferred if I'm going to redeploy the agent over top of itself like I did for our 4.x to 5.x migration?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Best Approach For Migrating ePO 5.3 FIPS To New 5.10 Server?

Let the DE team answer whether you should be redeploying the agent or not.  If they advise against reinstalling the agent, then yes you need to import keys from old server to new.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community