DLP Detection Servers randomly disconnect with JDBC SQLRecoverableException

Article ID: 438402

Updated On:

Products

  • Data Loss Prevention Core Package
  • Data Loss Prevention
  • Data Loss Prevention Endpoint Prevent
  • Data Loss Prevention Enterprise Suite
  • Data Loss Prevention Network Prevent for Email

Issue/Introduction

Detection servers (such as Email Prevent) intermittently show as disconnected or "Unknown" in the Enforce Console. The issue appears to resolve itself but recurs randomly.

Upon reviewing the MonitorController.log on the Enforce Server, the following errors are found:

  • Message: Publishing to the connection ConnectionIdentifierId [...] failed for the provider com.symantec.dlp.services.icesettings.ICESettingsApplicationProvider
  • org.springframework.dao.DataAccessResourceFailureException: could not extract ResultSet; nested exception is org.hibernate.exception.JDBCConnectionException: could not extract ResultSet
  • Caused by: java.sql.SQLRecoverableException: IO Error: A connection attempt failed because the connected party did not properly respond after a period of time
  • Message: Database connection is down.

Environment

DLP 16.1

Cause

The Enforce MonitorController service is responsible for maintaining and publishing the status of all detection servers. This service requires a constant connection to the Oracle database.

If the connection to the database is interrupted—due to network latency, database timeouts, or high resource contention—the MonitorController encounters a JDBC SQLRecoverableException.

In versions of DLP prior to 16.1 MP2, this exception could cause the service to fail to update detection server statuses correctly, leading to the servers appearing as disconnected in the console.

Resolution

Step 1: Upgrade to DLP 16.1 MP2 or Higher

Broadcom has introduced a fix for this specific exception handling behavior in DLP 16.1 Maintenance Pack 2 (MP2).

  • Reference: CRE-22084
  • Impact: The fix ensures that the MonitorController handles the SQLRecoverableException more gracefully, allowing for better recovery once database connectivity is restored.

Review the  for more details.

Step 2: Investigate Underlying DB Connectivity

While the upgrade improves how DLP handles the error, the root cause is the database connection drop. Perform the following checks:

  1. Check DB Server Availability: Review the Oracle alert logs for errors occurring at the exact timestamp of the disconnections found in the Enforce logs.
  2. Network Stability: Ensure there is no firewall or network security device between the Enforce Server and the Database Server that is terminating long-lived idle connections.
  3. Resource Contention: Verify if scheduled tasks (like database backups or heavy reporting) are occurring at the same time as the disconnections, potentially causing the database to become unresponsive.
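
The correlation described in Step 2 can be scripted. The following is an added example, not Broadcom code: it groups the error signatures quoted above into outage windows and reports which scheduled jobs overlap each window. The timestamp layout, the log levels, and the job list are assumptions; adjust them to match your MonitorController.log and your own schedule.

```python
import re
from datetime import datetime, timedelta

# Error signatures quoted in this article's MonitorController.log excerpt.
SIGNATURES = ("java.sql.SQLRecoverableException", "Database connection is down.")
# Assumption: timestamped lines start with "YYYY-MM-DD HH:MM:SS"; adjust to your layout.
TS_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})")
TS_FMT = "%Y-%m-%d %H:%M:%S"

def outage_windows(lines, gap=timedelta(minutes=5)):
    """Group signature hits into (start, end) windows; hits within `gap` merge."""
    windows, last_ts = [], None
    for line in lines:
        m = TS_RE.match(line)
        if m:
            last_ts = datetime.strptime(m.group(1), TS_FMT)
        # Stack-trace lines ("Caused by: ...") have no timestamp: reuse the previous one.
        if last_ts is None or not any(s in line for s in SIGNATURES):
            continue
        if windows and last_ts - windows[-1][1] <= gap:
            windows[-1] = (windows[-1][0], last_ts)
        else:
            windows.append((last_ts, last_ts))
    return windows

def overlapping_jobs(windows, jobs, slack=timedelta(minutes=2)):
    """Map each window start to the scheduled jobs running during it (+/- slack)."""
    return {start: [name for name, js, je in jobs
                    if js - slack <= end and start <= je + slack]
            for start, end in windows}

# Constructed sample input (not from a real system); the job list is hypothetical.
SAMPLE_LOG = """\
2024-05-14 02:03:11 INFO Message: Publishing to the connection ConnectionIdentifierId [...] failed
Caused by: java.sql.SQLRecoverableException: IO Error: A connection attempt failed
2024-05-14 02:03:40 SEVERE Message: Database connection is down.
2024-05-14 09:30:00 INFO Message: heartbeat ok
2024-05-14 14:47:05 SEVERE Message: Database connection is down.
""".splitlines()
SAMPLE_JOBS = [("nightly DB backup", datetime(2024, 5, 14, 2, 0), datetime(2024, 5, 14, 2, 45))]

if __name__ == "__main__":
    for start, names in overlapping_jobs(outage_windows(SAMPLE_LOG), SAMPLE_JOBS).items():
        print(start, "->", names or "no scheduled job: check Oracle alert log, idle timeouts")
```

Windows with no overlapping job are the ones to compare against the Oracle alert log and against idle-connection timeouts on intermediate network devices.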