No detection occuring via new Cloud Connector after successful enrollment of server in DLP v15
Last Updated October 24, 2017
After a new Cloud Connector has been enrolled in DLP v15, to include the full loading of its profile and policy matrix, there are no incidents or detections occurring via the related technology (WSS or CloudSOC) - despite the successful registration in either of their respective consoles.
DLP v15, with Cloud Service Connector and any of the following associated technologies:
Web Security Services proxy (i.e., Blue Coat WSS Proxy)
REST API (associated with custom application as configured by end-user)
Firstly, be sure there are no two-tier indexing issues, as per related article (TECH237055).
Secondly, in contrast to settings in DLP v14.6.x, in DLP v15 and above it is required that a "New Configuration" be setup in order for successful detection via Cloud Services.
Follow the steps given in the Admin Guide (also available online, via the Symantec Help Center, by clicking on the "?" in the Enforce Console), in the section entitled "Managing Application Detection":
After you have deployed and configured your Symantec Data Loss Prevention
Cloud Service Connector, you can configure cloud application detection on theManage > Application Detection > Configuration page
Take note, however, that while the documentation suggests you "can" perform this step, it is in fact required.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe