What needs to be changed in the Symantec DLP GUI if the IP Address of one of the detection servers has changed (Network Monitor box, for example)?
Once the IP Address of the detection server has been changed, you will need to change the Host field in the config page of the specific detection server in the User Interface on the Enforce Server. Perform the following actions:
Enforce Console -> System Overview -> click on the Detection Server (Monitor) that needs to be changed -> click on the Configure button
Change the host field to the new IP address or FQDN
Go to System Overview -> Enforce Server and click on "Recycle" next to "DetectionServerController Status" to restart the service (This will temporarily disconnect all Detection Servers from the Console. Make sure no scans are running or they will be interrupted)
If using the hostname (FQDN) in the Host field, rather than the IP, then it won't work until the DNS has been updated. Nslookup, from the enforce server, can be used to confirm the FQDN is resolving correctly.