Key DLP agent and Endpoint Server communications settings

book

Article ID: 207657

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Suite

Issue/Introduction

You are looking for the recommended relationships between key DLP agent and Endpoint Server communications settings.

Environment

DLP 15.x

Resolution

In order to maintain stable communications between DLP agents and Endpoint Servers, the following setting relationships should be observed:

Setting A

Applies To

Default

Relationship To

Setting B

Applies To

Default

Enforce "Agent Not Reporting After" setting

Endpoint Server

18hr

>

ServerCommunicator.CONNECT_POLLING_INTERVAL_SECONDS.int

Agent

900 seconds

Load Balancer IP Source Persistence - aka ‘stickiness’, aka 'affinity'

Load Balancer

Varies by vendor

=

Transport.MAX_SSL_SESSION_LIFETIME_SECONDS.int / EndpointCommunications.SSLSessionCacheTimeoutInSeconds

Agent / Endpoint Server

86400 seconds

Load Balancer IP Source Persistence - aka ‘stickiness’, aka 'affinity'

Load Balancer

Varies by vendor

>

ServerCommunicator.CONNECT_POLLING_INTERVAL_SECONDS.int

Agent

900 seconds

CommLayer.NO_TRAFFIC_TIMEOUT_IN_SECONDS.int

Agent

300 seconds

>

EndpointCommunications.HEARTBEAT_INTERVAL_IN_SECONDS.int

Endpoint Server

270 seconds

EndpointCommunications.HEARTBEAT_INTERVAL_IN_SECONDS.int

Endpoint Server

270 seconds

<

Load Balancer connection idle timeout

Load Balancer

Varies by vendor

EndpointCommunications. IDLE_TIMEOUT_IN_SECONDS.int

Endpoint Server

30 seconds

<

Load Balancer connection idle timeout

Load Balancer

Varies by vendor

 

Additional Information

See also: Endpoint Server running slowly, Aggregator logs show 'Rejecting existing connection with AgentId...'

See also: Agents send duplicate incidents