Change SUP synchronization message to secondary site SUP's to either be high priority or not use file based replication
If you have secondary site SUP's they are told to synchronize by the primary site by file based replication (sender sends a file to the secondary site telling it to sync).
This can be a problem if your secondary site(s) are operating under bandwidth controls, for example if you set to only allow high priority data to be sent during the working day to conserve bandwidth.
If the primary SUP synchronizes but the sender is unable to drop the required file to the secondary site, then what happens is all clients in the secondary site will try and switch their software update point to the primary as it's a higher version.
I think that this should be changed to either of the following:-
1) The file sent to the secondary site should be sent at high priority, or you can tell it to be sent at high priority so it always gets through no matter what sending controls are in place.
2) Alternatively, it could potentially be sent by SQL DRS replication instead of using file based replication.
Either way, I think this should be looked at otherwise as well as the issue stated above, it also can limit how many Endpoint Protection definitions you can deploy in a day.

2 comments
-
100% agree. I'm using a vote on this. Let me see what we can do.
-
Paul Faulkner commented
Admins, just want to bump this one...… I really think this is a good idea that should be considered. An easy one to fix too.