Detection Server - Agent Status information not updating after restarting DetectionServerService on Enforce
Article ID: 224898
Updated On:
Products
Data Loss Prevention Network Monitor and Prevent for Email and Web
Data Loss Prevention
Issue/Introduction
After restarting the Enforce server or the Symantec DLP Detection Server Controller Service service, the majority of the detection servers will start reporting agent status updates (eg. Last Update received) immediately. However a proportion of randomly affected detection servers will:
- Show as connected in the Enforce console
- Deploy policies and report incidents but...
- Will report no agent status updates at all, even after some hours
Restarting the affected detection servers' service will cause the agent status to update immediately and report normally thereafter
Environment
Release:15.8
Cause
Multiple.
Resolution
Often there is more that one factor contributing to this issue.
- If the agent polling interval in the agent configuration advanced settings has been reduced from the default 15 minutes this can contribute to the issue - reapplying the default may resolve the problem
- In some cases, increasing the accepttimeout to 120,000 in the communication.properties configuration file on the detection servers can help
- Network latency on remote sites
- A hotfix based on 15.8 MP1 (15.8.00103.01003) has been made available for this issue which will increase the default timeouts for handshake negotiations
Feedback
Yes
No
Powered by
