108
Migrating to the latest version
Checklist for migrating from Symantec Host IDS
Checklist for migrating from Symantec Host IDS
Symantec Critical System Protection contains an IDS component similar in functionality to Symantec Host IDS. Migrating from Symantec Host IDS to Symantec Critical System Protection is a fairly straightforward process.
Before starting the migration process, you should note the following:
■The Symantec Critical System Protection management server only runs on Windows, while the SESA server is
You may want to run Symantec Host IDS and Symantec Critical System Protection in parallel, migrating over agents from Symantec Host IDS to Symantec Critical System Protection in bunches, until potentially all Symantec Host IDS agents are migrated to Symantec Critical System Protection, and the SESA server can be retired.
Symantec Host IDS supports agent platforms that are not supported by Symantec Critical System Protection, so you might require a small continuing Symantec Host IDS presence to service those platforms. If you install the Symantec Critical System Protection management server on a separate computer from the SESA server, you might want to reuse the same communication ports that the SESA server uses to communicate with its agents, to simplify your firewall changes. The Symantec Critical System Protection installation process lets you specify which ports you want to use.
■The policy conversion utility migrates your custom Symantec Host IDS policies to Symantec Critical System Protection.
Use the policy conversion utility to convert your custom Symantec Host IDS policies into XML that can be imported into the Symantec Critical System Protection authoring environment (and eventually conditionally applied to your Symantec Critical System Protection agents).
See “Migrating legacy detection policy files” on page 111.
The policy conversion process automatically migrates your existing Symantec Host IDS registry and event log settings, but you will need to manually reenter any custom files under observation into the file lists in the following policies:
■Host_IDS_File_Tampering policy
■Template_FileWatch policy
■Your own custom
■Plan how to migrate your Symantec Host IDS agents to Symantec Critical System Protection.
As previously noted, you cannot migrate Symantec Host IDS agents that run on client platforms not supported by Symantec Critical System Protection. You should record the policy settings for each group of agents
