6 Replies Latest reply on Feb 21, 2011 11:12 AM by Nielsb

    EPO DR Scenario

      I'm working on a DR project and EPO has been deemed in scope this year.  It’s more like a dual data center scenario.  I know there are some options with the new agent handler feature in ePO 4.5 but not sure that will work.  I wanted to get anyones thoughts on maybe how you’ve seen this done within large organizations.  This would be a scenario where our main data center goes down and we need to be able to manage all our agents from a remote backup data center.  In a perfect world I would like to have a mirror ePO server with all my policies, tasks, groups, etc online and up to date with a way to swing all the agents to it in the event of a disaster scenario.  How close to that can I get with the current 4.5 product today?  I know the agent can't report to multiple EPO servers yet (hint hint McAfee) so how do you handle this in your DR sites?  I guess I can have another EPO server at my DR site and then deploy the agent from it in the case of a disaster but then I have to keep everything from product version and patch level down to individual policies all in sync manually.  Also the bandwidth at this site wont' be what it is now and pushing the agent could be a concern.  Any thoughts or ideas are appreciated!  Thanks, Matt

       

       

      Message was edited by: matt529 on 12/18/09 12:55:03 PM CST
        • 1. Re: EPO DR Scenario
          psolinski

          I'm working on the same project - ePO DR (we are migrating to ePO4.5 soon).

          Agent Handlers seems to be useless in DR scenario, when main ePO server is gone. The only (and still not perfect) solution is separate ePO server in the DR, using the same security keys and sharing policies. Unfortunatelly this means a lot of maintenance as there is no way to synchronise:

          -products

          -extensions

          -tasks

          -directory structure

          -RSD

          -clients DB

           

           

          Any other ideas or solutions???

           

           

          Regards

          Piotr

          • 2. Re: EPO DR Scenario

            Anyone tried setting up a cluster for this?

            • 3. Re: EPO DR Scenario
              joeleisenlipz

              The technical requirements here are actually rather predictable:

              • You need to be familiar with Microsoft Cluster Service (MSCS).
              • You need hardware that meets your requirements in both places--this is a fail-over only scenario, NOT load-balancing.
              • The hardest, and generally most expensive thing is getting storage that is replicated between locations for both the SQL cluster, and the ePO cluster.

               

              The other issue is much harder to navigate. DR is generally very different from CO-OP. Before you begin to design a solution, you need a clear statement of what the requirements are. Ideally, this would be a service agreement of some kind, that states a requirement for up-time and specifics on maintenance.

               

              The sad truth is that most managers/executives make the decision, without understanding what the options and impact actually are. Most organizations can survive without ePO for days. At its heart, ePO is only necessary for reporting and altering policies. If you can slide for a few hours without either of those, you should seriously look at a MUCH cheaper and simpler restore/rebuild type of scenario, rather than true redundancy.

               

               

              Message was edited by: joeleisenlipz on 2/15/11 1:54:18 PM EST
              • 4. Re: EPO DR Scenario
                Thanks for the insight on that Joel!
                • 5. Re: EPO DR Scenario
                  JoeBidgood

                  This is an excellent summary - I'd just like to add one small point of clarification:

                   

                  • The hardest, and generally most expensive thing is getting storage that is replicated between locations for both the SQL cluster, and the ePO cluster.

                   

                   

                  In a cluster scenario, you must avoid having the SQL server cluster on the same cluster as the ePO server: we require the SQL server to be separate from the ePO cluster - so you could have a single standalone SQL server, or another SQL cluster, for example: just as long as they're not on the same cluster.

                   

                  HTH -

                   

                  Joe

                  • 6. Re: EPO DR Scenario
                    Nielsb

                    Maybe it's an option with VMware and Fault tolerance