DLP Endpoint SEE flex response generating .xml files

book

Article ID: 159721

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

This document is created for providing the symptoms of a well know issue. 

DLP agent is deployed with SEE (Symantec Endpoint Encryption), DLP using the Endpoint flexresponse to Encrypt any sensitive data going out on the USB drive.

Once the file is copied say abc.doc, the DLP endpoint flex response gets executed and SEE prompt for the password to encrypt the file. However waiting for 20 seconds the SEE password windows again appears, after entering the password for second time , a abc.doc.xml file is created, and again waiting for 20 seconds one more SEE password windows appears, this time after entering the password 3rd file called abc.xml.xml gets created. This goes in loop and never stops until you stop providing the password to SEE windows.

Resolution

Reason : VEP file optimization is not compatible with Symantec Endpoint Encryption software.

Go to System > Servers > Overview > Server Detail > Advanced Endpoint Settings 

Set the FileSystem.ENABLE_VEP_FILE_ELIMINATION.int to 1.

Setting the above configuration to 1 means you are enabling this setting which means the VEP files will not be generated.

- Recycle Vontu Monitor service after making the related change.