With respect to policies, tasks, ect, export from the old and import into the new.
There are some items such as Users that require manual add into the new. (typically a good time to do a user audit)
DLP will be OK since you are on the newer module and do not have to convert from legacy module (9.3)
Make sure you transfer your security keys! Save them in 3 places before nuking the legacy ePO version.
Using the migration tool is the easiest way I know of.
I neglected to mention nodes. If you are upgrading agent version, IMO, I think its valuable to start fresh. Meaning that once you have policies, tasks, assignment rules, ect. moved over, push agent from the new overtop of the current agent on nodes. This 1. installs upgraded MA 2. "migrates" / new ePO assumes management.
If you collect evidence per DLP rules, just use the same UNC.
Additionally I would recommend using the system transfer function, as it only changes the sitelist.xml on the client side so that the agent knows how to communicate with the new epo and server side it adds entries to the new epo database.
This is cleaner and safer than force installing over an existing installation.
Furthermore, before transferring, get all your agents to 4.8 patch 3 and then transfer. Unless you have to upgrade to 5.0.4, i'd recommend staying with 4.8 p3.
System transfer is an option...
However, if you want an agent upgrade and migration in one change, install over existing MA is the most logical option.
Also, if you want a "fresh" DB, you're better off doing a new agent install.
It really depends on what you want.
Thank you all for your valuable suggestions.. do we have migration utility for epo ? Where can I find it and would be nice if you have any kb articles on how to use the epo migration utility ??
Does migrating security keys from old to new epo and systems will automatically update the sitelist.XML what about sitemgr.XML should I export and import the same from old to new as well ?
In addition do I need to decrypt the systems that r running MDE 6.x and 7.x before transferring the systems to the new epo ? What is best recommendation from you all for MDE clients ?
Thank you all for your continuous help and valuable suggestions.
The migration tool hides under the disguise of "UpgradeCompatibility", so try running UpgradeCompatibility.exe from the UpgradeCompatibility folder in the unpacked ePO 5.3.2 distribution.
It's also documented in McAfee's ePO 5.3.2 docs.