For Advanced Threat Protection (ATP) 2.3 or later, when using Synapse with the Email Security.cloud correlation feature, you see the above error showing as the status for this feature.
The Health Status may also show the message, "Synapse Email correlation is malfunctioning: please check configuration."
This is indicating that, as the error states, the specified user or password is currently invalid. This can happen at any time given that passwords on cloud can expire if configured as such.
Validate that the user & password are correct by using the same username/password to log in to: http://clients.messagelabs.com/
Reset username/password on ESS Portal OR
Re-enter username/password on ATP by disabling and enabling ESS correlation
NOTE: When testing username and password via clients.messagelabs.com, please remember that accounts with 2 Factor authentication enabled do not require a unique VIP token specified for each secondary login. Also, if you use a primary login to reset the password of a secondary account, you actually create a temporary password. The first time the secondary is used to login, it will be required to set a new password. Until this permanent reset occurs, ATP will not be able to use the credentials for the secondary login to authenticate and retrieve events from Email Security.cloud.
Subscribing will provide email updates when this Article is updated. Login is required.