Data Loss Prevention Release from Quarantine to Symantec Messaging Gateway is not working after upgrading Data Loss Prevention or Symantec Management Gateway systems.

book

Article ID: 169881

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

The Release from quarantine option in DLP Enforce console no longer works to release the quarantined item from SMG.

It was previously working before upgrading the systems.

In the Enforce Tomcat Localhost log file:

20 Jul 2017 09:15:01,401- Thread: 161 SEVERE [com.symantec.dlpx.flexresponse.emailquarantineconnect.EmailQuarantineConnectPlugin] javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Cause

The TLS version for the Enforce to the SMG connection using TLSv1.0 is no longer supported on SMG.  The Enforce email quarantine configuration files need to be modified to use TLSv1.2 

Environment

DLP  14.x  - 15.x 

SMG 10.6.3 version+

Resolution

Modify the configuration files for flex response to use TLS version 1.2 in the following three files:

  • EmailQuarantineConnectApproved.properties
  • EmailQuarantineConnectCustom.properties
  • EmailQuarantineConnectRejected.properties

Note: These files are located in <drive>:\SymantecDLP\Protect\plugins

The setting "ssl-protocol-version = TLSv1" should be changed to "ssl-protocol-version = TLSv1.2"

Save the files and restart the Vontu Manager service.