About policy distribution to agents prior to 16.0+ agent deployment
Article ID: 250881
Data Loss PreventionData Loss Prevention Endpoint PreventData Loss Prevention Endpoint Discover
DLP 16.0x includes a new policy structure that requires additional consideration when agents have not yet been upgraded to 16.0x Failure to prepare for this may result in event code 1216 'The Execution Matrix has reached the memory limit'
Enforce and Endpoint servers have been upgraded to 16.0 and later, while agent versions 15.8.x and earlier are still present.
ExecutionMatrixLowMemoryMonitor.freeMemoryLimitMB lower than is necessary.
To send policies to legacy agents (pre 16.0) the policy size needs to be set in the Enforce UI (System > Settings > General > Legacy Agents Policy Set Size Limit). In addition to this there are 3 more settings that control the creation and propagation of policies to legacy agents.
These can be added to the FileReader.properties and need the FileReader to be restarted to take effect.
ExecutionMatrixLowMemoryMonitor.freeMemoryLimitMB - Default Value 200 MB. This determines how much MB of FileReader memory should be free for the legacy policy to be created.
ExecutionMatrixLowMemoryMonitor.freeMemoryLimitPercentage - Default Value 5 percent. This determines how much percent of FileReader memory should be free for the legacy policy to be created.
ExecutionMatrixLowMemoryMonitor.sizeLimitAsPctOfMaxMem - Default Value 25 percent. This limits the size of legacy policy to the percentage of FileReader XMX. For Example: if a legacy policy of 1 GB needs to be created, then the FileReader XMX needs to be at least 4GB (at default 25 percent).