When Policies are Pushed out to the Endpoint Agent

book

Article ID: 160490

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent Data Loss Prevention Endpoint Discover

Issue/Introduction

When are policies pushed out to the Endpoint Agent?

Resolution

Polices are pushed out to the agent for any of these reasons

1) The Endpoint Agent connects to the Endpoint Server after being disconnected from the network.

2) The Endpoint Agent connects to the Endpoint Server after being restarted.

3) The Endpoint Server is restarted.

4) The MonitorController is restarted.

5) A policy is changed, enabled or disabled, then policies will be distributed. 
6) A
response rule changes, then response rules will be distributed.
 

Starting in version 10, the policies will be compressed before being sent to the Endpoint Agent to reduce the bandwidth requirements.

If you believe that the network issues happen because of policy distribution, then you might try adjusting the following properties in Aggregator.properties on the Monitor:

 

data.flow.shipping.thread.pool.size = 5

data.flow.structured.thread.pool.size = 10

 

This step will cause policy changes be sent to fewer agents concurrently.  Thus, it will reduce the load on the network.  However, the time taken to distribute policy changes will also increase.