Question
Under normal circumstances, the Contrast agents retrieve their policy and report all findings and attack events to the Contrast UI Server.
How do the agents behave if connectivity is lost to the Contrast UI Server? And what happens when connectivity is re-established?
Answer
| If the Contrast Server is unavailable when: | |
|
An agent starts up for the first time |
The agent will disable itself, allowing the application to start up without it. |
| An agent starts up for the nth time (n > 1) |
The agent will disable itself, allowing the application to start up without it. |
| An already running agent in Assess mode attempts to communicate |
Findings are not reported to the Contrast server. |
| An already running agent in Protect mode attempts to communicate | Attacks are not reported to the Contrast server, but they will still be written to the agent's security.log file and any configured Syslog servers. Attacks will still be blocked according to the policy retrieved before the outage. |
| Connectivity is re-established | If the agent had been loaded normally prior to the disruption, functionality will continue as normal. |
<%= heading %>