Data Loss Prevention Release from Quarantine to Symantec Messaging Gateway is not working after upgrading Data Loss Prevention or Symantec Management Gateway systems.

Article Id: 169881

Status: Published

Updated On: 19-04-2018 14:09

Legacy Id: TECH247107

Products:

Data Loss Prevention Enforce

Issue/Introduction:

The Release from quarantine option in DLP Enforce console no longer works to release the quarantined item from SMG.

It was previously working before upgrading the systems.

In the Enforce Tomcat Localhost log file:

20 Jul 2017 09:15:01,401- Thread: 161 SEVERE [com.symantec.dlpx.flexresponse.emailquarantineconnect.EmailQuarantineConnectPlugin] javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Cause:

The TLS version for the Enforce to the SMG connection using TLSv1.0 is no longer supported on SMG. The Enforce email quarantine configuration files need to be modified to use TLSv1.2

Resolution:

Modify the configuration files for flex response to use TLS version 1.2 in the following three files:

EmailQuarantineConnectApproved.properties
EmailQuarantineConnectCustom.properties
EmailQuarantineConnectRejected.properties

Note: These files are located in <drive>:\SymantecDLP\Protect\plugins

The setting "ssl-protocol-version = TLSv1" should be changed to "ssl-protocol-version = TLSv1.2"

Save the files and restart the Vontu Manager service.