Data Loss Prevention

  • 1.  Adding new Web Prevent server problem to Enforce, status unknown

    Posted Jan 19, 2019 09:53 PM

    Hello. I have installed DLP detection server on a Windows 2106 server and I'm trying to add it as a Web Prevent detection server on our DLP 15.1 environment. The server status is " ? Unknown". Do I have to restart a specific DLP service on our Enforce Server to have the Enforce server see it as "Status Running"?

    Can you let me know exactly which service needs restarting? I tried recycling the "DetectionServerController Status" on the Enforce server through Server Overview page, but it doesn't seem to change the status of the new Web Prevent server as "Running"

    Thanks in advance. 

     

     



  • 2.  RE: Adding new Web Prevent server problem to Enforce, status unknown

    Posted Jan 20, 2019 09:04 PM
    Hi Neil,

    Can you verify the connectivity between Enforce Server and the Web Prevent Detection Server on the configured port (default is 8100)? The firewall needs to allow communication from the Enforce to the Detection Server on this port.

    Kind regards


  • 3.  RE: Adding new Web Prevent server problem to Enforce, status unknown

    Posted Jan 25, 2019 09:47 AM

    Hi Neil,

     

    Have you checked the services are running on the Web prevent server? You may also need to check the following:

    1. As per Muhammad's comment, ensure that port 8100 is open on your firewalls

    2. Are you using custom certificates or the default certificates in your environment? If so you will need to copy the monitor cert to your Web prevent keystore location.

    3. Does the IP address in Enforce match the IP address on the server?

     

    Please let me know how you get on.

     

    Thanks



  • 4.  RE: Adding new Web Prevent server problem to Enforce, status unknown

    Posted Jan 25, 2019 03:53 PM

    Ensure the VontuMonitor service is running on the detection server. Have you restarted MonitorController on Enforce? Check Monitorcontroller0.log on Enforce for errors.



  • 5.  RE: Adding new Web Prevent server problem to Enforce, status unknown

    Posted Jan 31, 2019 10:06 AM

    Hi Neil,

    1) Ensure you have connectivity on Port 8100 from Enforce to Detection Server

    2) If you are using custom certificates for communication between Enforce and detection server, you need to copy monitor cert to web prevent keystore

    3) If the above steps are verified and no luck, attach Monitorcontroller0.log from Enforce, Boxmonitor0.log & Communication.properties from webprevent server for review

     

    BR,

    Ridhi Singh



  • 6.  RE: Adding new Web Prevent server problem to Enforce, status unknown

    Posted Mar 13, 2019 02:13 PM

    Neil - I had the same issue last week when I set up 5 Network Prevents on a new 2016 server build. Though I don't use the default certificates and had copied our own keystore (Mon_MMM_DD_HH:MM_SS....sslkeystore) file into ProgramData, it was still not listening on 8100 after restart. Install log showed success and only log message was unable to init transport layer.

    I could find no other solution other than a KB about the custom certificate not being copied which I had already done. 

     

    The end fix was it also needed to have the IP\HostName commented out in the Communication.properties file, even if it was the correct address.

    Once I did that and restarted the DLP service it was listening on 8100 and Enforce connected\registered the Detection server.
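
The checks suggested across this thread (service state, a listener on port 8100, reachability from Enforce, and host/IP entries left uncommented in Communication.properties), gathered into one script as an added example; it is not part of any post above and is not vendor tooling. The parameter names, the placeholder host name and the `-CommProps` path you pass in are assumptions; only port 8100 and the VontuMonitor service name come from the thread.

```powershell
# Added example: triage for a detection server stuck at "Unknown" in Enforce.
param(
    [ValidateSet('DetectionServer', 'Enforce')]
    [string]$RunFrom = 'DetectionServer',
    [string]$DetectionHost = 'webprevent.example.internal', # placeholder host name
    [int]$Port = 8100,                                      # default port from the thread
    [string]$ServiceName = 'VontuMonitor',                  # service named in the thread
    [string]$CommProps                                      # path to Communication.properties (site-specific)
)

if ($RunFrom -eq 'Enforce') {
    # Firewall/routing check: can Enforce open a TCP session to the detection server?
    $r = Test-NetConnection -ComputerName $DetectionHost -Port $Port -WarningAction SilentlyContinue
    "Enforce -> ${DetectionHost}:$Port reachable: $($r.TcpTestSucceeded)"
    return
}

# Is the detection service installed and running?
$svc = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
if ($svc) { "Service $ServiceName status: $($svc.Status)" }
else      { "Service $ServiceName not found" }

# Is anything bound to the port locally? If not, fix the service before the firewall.
$listen = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
if ($listen) {
    "Listening on port ${Port}: " + (($listen.LocalAddress | Sort-Object -Unique) -join ', ')
} else {
    "Nothing is listening on port $Port"
}

# Flag uncommented lines that contain an IPv4 address or this machine's name.
# Java .properties comments start with '#' or '!'.
if ($CommProps -and (Test-Path -LiteralPath $CommProps)) {
    $pattern = '\b\d{1,3}(\.\d{1,3}){3}\b|' + [regex]::Escape($env:COMPUTERNAME)
    Get-Content -LiteralPath $CommProps |
        Where-Object { $_ -notmatch '^\s*[#!]' -and $_ -match $pattern } |
        ForEach-Object { "Uncommented host/IP entry: $_" }
}
```

Run it with `-RunFrom Enforce` on the Enforce server and with the default on the detection server; a running service with no listener on 8100 matches the symptom described in post 6.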