Choosing a migration path

Decide which migration path to follow by considering the characteristics of your network or managed systems and your migration goals.

  1. Decide whether you need to migrate. Do you want to retain any current settings or assignments for your legacy products?
    • No — Install Endpoint Security without migrating. See the product installation guide for instructions.
    • Yes — Use the Endpoint Migration Assistant to migrate your settings before deploying the Endpoint Security Client to systems.
  2. If you want to migrate your settings, decide whether to migrate automatically or manually.
    • Automatic migration is a "hands-off" process. The Migration Assistant makes most migration decisions "behind the scenes."

      Recommended if you:

      • Have a network with fewer than 250 managed systems
      • Use default policy settings or a minimum number of custom policies

      Tip: Best practice: You can test and verify automatic migration on a single group in your System Tree before migrating settings for all your managed systems.
    • Manual migration is a "hands-on" process. You make most of the migration decisions by selecting the objects to migrate and editing their settings, if needed.

      Recommended if you:

      • Have a network with more than 250 managed systems
      • Use multiple custom policies
      • Want to fine-tune existing policy settings during the migration process
      • Want to fine-tune assignments
      • Want to migrate settings to single-platform policies
      • Want to personally supervise and approve each step of the migration process

Table 1: Choosing a migration path
Pros Cons
Automatic migration
  • Requires minimal input from you.
  • Migrates settings for the entire System Tree or a single group and its subgroups.
  • Migrates all policies, client tasks, and the Host IPS Catalog for Windows products.
  • Migrates IPS Trusted Applications settings where Mark Trusted with IPS is enabled.
  • Optionally migrates policies for Mac and Linux products.
  • Optionally migrates Linux on-demand scan client tasks.
  • Creates multi-platform target policies combining Windows, Mac, and Linux settings.
  • Retains policy and client task assignments.
  • You can't select specific objects to migrate.
  • You can't edit target policies.
  • You can't create single-platform target policies.
  • Does not migrate unassigned policies.
Manual migration
  • Lets you select objects to migrate.
  • Lets you edit policies before migrating.
  • Lets you create both single-platform and multi-platform target policies.
  • Requires input from you.
  • Does not retain assignments. You need to assign policies and client tasks to managed systems.
  • Does not migrate IPS Trusted Applications settings where Mark Trusted with IPS is enabled.