I am re-posting this as my previous question was being treated as if I am "Shopping or seeking Product Recommendations" even though I was NOT - BTW they have deleted my comments too which were not offensive in nature. anyway - I have re-phrased some parts of my question and I hope SF Admins "Do Not Modify / Edit" this one - will be most grateful for that. I have a lot of respect for the People who visit this SITE and help others !
Just To clarify :
Just to go by SF rules - I am not seeking someone to Design this
solution, I am simply seeking real world examples, experiences,
technical expert opinions / suggestions, any tips or tricks they may
have or any problems they may have faced while doing something similar
above with these products. I am also not asking for Capacity Planning for Storage, We have done some research and I am seeking Expert Assurance / Suggestions.
We (our company) are planning to deploy Symantec Endpoint Protection and Symantec Desktop Recovery 2011 Desktop Edition to our 3000 - 4000 workstations (Windows7 32 and 64) with a few 100s with Windows XP 32/64 Bit.
I have read the implementation guide for SEP and have read tech-notes for Desktop Recovery 2011.
Our team have planned to deploy this as follows :
1 x dedicated SQL 2008R2 for Symantec Endpoint Protection (Instead of using the Embedded Database)
1 x Dedicated SQL 2008R2 for Symantec Desktop Recovery 2011 (Instead of using the Embedded Database)
1 x Dedicated W2K8 R2 Box for the SEPM (Symantec Endpoint Protection Manager - Mgmt. APP)
1 x Dedicated W2K8 R2 Box for the Symantec Desktop Recovery 2011 Management Application
Agent Deployment :
As per Symantec Documentation for both of the above, an agent can be pushed via the Mgmt. Application (provided no firewalls are blocking ports required etc. - we have Windows firewall disabled already).
Server Hardware :
Per SQL Server : 16GB RAM + SAS DISKS + Dual XEON, RAID-10 for the SQL DB or I can always mount a LUN from our existing Hitachi or EMC SAN.
SEPM Server : 16GB RAM + SAS DISKS + DUAL XEON
System Recovery MGMT SERVER : 16GB RAM + SAS DISKS + DUAL XEON
Above is the initial plan we have for 3000 - 4000 client workstation (Windows)
Now my Questions :-)
a) If we had these users distributed amongst two sites with AD DC / GC in each site, How would I restrict SEPM and Desktop Mgmt. solution to only check for users in their respective site ?
b) At present all users are under one building but we are going to move some dept. to a new location (with dedicated connectivity), How would we control which SEPM / MGMT Server is responsible for which site ?
c) We have netbackup in our environment backing up other servers, I am planning to protect these 4 (2 x SQL, 1 x SEPM, 1 x System Recovery Mgmt. Server) via netbackup or I can use System recovery 2011 server edition on all 4 of these boxes as well. (License is not an issue as we have the complete symantec portfolio included in our license).
d) Now - Saving Desktop backups - What strategies have you implemented ? Any best practice recommendation for a large user base ? I was thinking to either mount a LUN from our Hitachi SAN on the Symantec Recovery Server itself or backup to the users hard drive locally and then copy it over to a network location ? Suggestions welcome :-)
If you have anything to add / correct - that will be really helpful before diving into the actual implementation phase.
Will be most grateful with your suggestions, recommendations and corrections with above -
Many Thanks !