Policy engine Retention Period for Unused Policies in Data Protection

Document ID:  TEC1826687
Last Modified Date:  06/15/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Data Protection

Releases

  • CA Data Protection:Release:14.5
  • CA Data Protection:Release:14.6
  • CA Data Protection:Release:15.0
  • CA Data Protection:Release:15.1
  • CA Data Protection:Release:15.2

Components

  • CA DataMinder Active Policy Management:DLPAPM
Introduction:

The policy engine has setting in the Machine policy of "Policy Engine/Retention Period for Unused Policies (days)"

 

The online help has the following explanation:

After use, policies are retained by the Policy Engine in case they are required again.  This setting controls the amount of time the Policy Engine retains unused policies.  The default value of the setting is one week.  To impose no time limit, set the value to zero.

Question:

To expand on the explanation:

what is meant by the policy being "unloaded" if it hasn't been used after the default 7 days? 

Where does it go when it's "unloaded"? 

When/how may it be re-loaded? 

Environment:
All
Answer:

The Retention Period for Unused Policies in Data Protections Policy engine is basically a cache of the latest policy set from the CMS. 

When the PE starts up, it will make a call to the CMS to obtain the latest policy set, the CMS passes the entire policy xml to the PE which is then cached locally. Policy is then 'Loaded into Memory' of the PE for speed of application. 
Generally ALL policy is 'loaded' into memory, but there is provision for some of the policy to remain in cache and be called into memory as required. - This is rarely or never used as the size of the whole policy is generally nowhere near 2GB (Java limitation for a memory slot) . 

If the policy is not used after a default 7 days, it will be requested again from the CMS, effectively refreshing any potential changes on the PE. 
Any policy which HAS been used, will follow the steps below: 


The event enters the PE and the PE checks for the correct policy for that event, This check is a small # call to the CMS to ensure the correct policy is in cache and no changes have taken place. if no changes, the policy in cache is used, however if there are changes, these changes (not the whole policy) are requested from the CMS and are then put into cache and applied to the event. 

The majority of events would obviously have no change and the correct policy would be in cache. This is done for speed, and keeps the policy up to date on all PE's. 


So to answer your questions specifically: 
1. please specify what is meant by the policy being "unloaded" if it hasn't been used after the default 7 days? 
- Policy is 'loaded' into memory, Unloaded is effectively the cache of the whole policy being 'refreshed'. 

2. Where does it go when it's "unloaded"? 
- The policy is placed in Memory, so the term 'Unloaded' is effectively policy being overwritten, deleted or replaced from memory. 

3. When/how may it be re-loaded? 
As above, after 7 days the PE will call to the CMS for a refresh of the policy where it isnt used. 

The above is when all is working as it should, however, the PE local policy cache is also in place for resilience. If the CMS is down or out of contact for some reason, the PE will apply the policy it has in cache. 
Desktop clients work in the same way, although desktop clients only have a local copy of the policy for the person logged on, not the whole policy. 

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >