Policy replication lets you create an exact replica of an existing policy and execute the replicated policy on another manager. If a policy is marked as read-only, you must uncheck the read-only option in the policy dialog box to make the policy changes.
The policy version is incremental. When you replicate a policy for the first time, the version of the policy is displayed as 1. You may replicate a policy on the target manager as read-only if you do not want the replications to be modified on any manager.
You can also replicate policies from a Windows source manager to a UNIX target manager. In such a scenario, you must register the Windows agent to the UNIX manager for a successful policy run. However, if you do not register the Windows agent to the UNIX manager and a policy run fails, the failure is not considered for compliance calculation. The same is true for a 32-bit source manager and a 64-bit target manager, or vice versa.
To replicate a policy
In the Replicate Policy panel, select the manager from the Available manager(s) list box and click >> to add the manager. The managers that you have selected appear in the Selected manager(s) list box.
By default, the Backup file name text box displays the policy name, the policy version, the current datestamp, and the timestamp. You can also manually type the backup file name. You can enter your own backup file name in the text box.
The backup file is stored at C:\Program Files\Symantec Security Manager\Symantec ESM Enterprise Console\Policy Backup\<target manager name>. You do not have an option to save the backup file at a location other than the default location.
If the target manager contains a policy by the same name, then the policy contents are overwritten by the policy that you want to replicate. When you click the Take a backup option, Symantec ESM takes a backup of the existing policy on the target manager. The policy backup files are stored in the <INSTALLDIR>\Policy Backup\<MANAGERNAME>\ folder. If this location contains a backup file by the same name, then you may choose to overwrite the existing backup file. If you do not choose to overwrite the existing backup file, the replication process terminates with a file name conflict error.