The proxy manager was introduced in the following agent version:
- Windows release is 20.0.0-6690
- Linux release is 20.0.0-6658
The agent through the proxy manager will detect the availability of the proxy server periodically and the default probing interval is as follows:
- Default probing interval: 3 minutes
- Maximum probing interval: 10 minutes
- Default probing connect timeout: 30 seconds
- Maximum probing connect timeout: 120 seconds
In the event the probing connect timeout is reached, the agent activities requiring external communication maybe affected, resulting to the agent would go offline or tasks such as security updates or agent upgrade will fail.
The timeout issue can be verified from the ds_agent.log, here is a sample
2023-04-11 18:12:27.002031 [+0800]: [dsa.ProxyManager.Utils/5] | Detecting the proxy connectivity, host: 10.209.83.71, port: 8088, Available: false | dsa/ProxyManager/Utils.lua:117:Probe | 2B8C:E48:dsa.Scheduler_0010
Workaround
Extending the timeout for proxy probing will be available for DSA version 20.0.0-6860 and above:
- Login to the server with the affected agent and create a configuration file:
- For Windows : Create a file named ds_agent.ini under the %SystemRoot% directory (example: C:\Windows\ds_agent.ini)
-
For Linux: Create a file named ds_agent.conf under /etc directory (example: /etc/ds_agent.conf)
- Extend the probing timeout to 120 seconds by adding the following line in the configuration file.
- "dsa.proxymanager.ProbeTimeoutInSec=120"
For the release notes, please refer to What's new in Deep Security Agent?