How to change the Data Loss Prevention(DLP) Enforce console session timeout settings.

book

Article ID: 160528

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

You are automatically logged out of the Enforce console after 30 minutes of inactivity and receive the message: " Your session has expired and you will be logged off "

Resolution

Relevant Versions:  ALL

DLP versions 15.0.x and below:

C:SymantecDLPProtecttomcatwebappsProtectManagerWEB-INFweb.xml

DLP Versions 15.1.x and above:

C:Program FilesSymantecDataLossPreventionEnforce<version>ProtecttomcatwebappsProtectManagerWEB-INFweb.xml

   <session-config>
        <session-timeout>30</session-timeout>
    </session-config>

Change the default settings from: 30 to 600 (from a half-hour to 10 hours)

   <session-config>
        <session-timeout>600</session-timeout>
    </session-config>


In addition, you must also increase the lock timeout to the equivalent time in milliseconds:

http://www.calculateme.com/Time/Minutes/ToMilliseconds.htm

To increase the lock timeout :

  • DLP versions 15.0.x and below:
    Change model.lockserver.locktimeout in C:VontuProtectconfigModel.properties
  • DLP versions 15.1.x and above:

Change model.lockserver.locktimeout in C:\Program Files\Symantec\DataLossPrevention\EnforceServer\<version>\Protect\config\Model.properties

CHANGE DEFAULT FROM:
model.lockserver.locktimeout = 1800000
TO:
model.lockserver.locktimeout = 36000000

Restart all Vontu services on the Enforce server.

NOTE:  Never adjust the UI session timeout without setting the lock timeout to the same value. Otherwise the application behavior may be nondeterministic.