A majority of small and medium-sized organizations need only a single site to centrally manage network security. Since each site has only one database, all data is centrally located.
Even a large organization with a single geographic location typically needs only needs one site. But for the organizations that are too complex to manage centrally, you should use a distributed management architecture with multiple sites.
You should consider multiple sites for any of the following factors:
A large number of clients.
The number of geographical locations and the type of communications links between them.
The number of functional divisions or administrative groups.
The number of datacenters. A best practice is to set up one Symantec Endpoint Protection site for each datacenter.
How frequently you want to update the content.
How much client log data you need to retain, how long you need to retain it, and where it should be stored.
A slow WAN link between multiple physical locations with thousands of clients. If you set up a second site with its own management server, you can minimize the client-server traffic over that slow link. With fewer clients, you should use a Group Update Provider.
Any miscellaneous corporate management and IT security management considerations that are unique.
Use the following size guidelines to decide how many sites to install:
Install as few sites as possible, up to a maximum of 20 sites. You should keep the number of replicated sites under five.
Connect up to ten management servers to a database.
Connect up to 45,000 to 50,000 clients to a management server.
After you add a site, you should duplicate site information across multiple sites by replication. Replication is the process of sharing information between databases to ensure that the content is consistent.
Table: Multi-site designs
For more information on whether or not to set up replication, see the following article: When to use replication with Symantec Endpoint Protection Manager