After a new Cloud Detector is added to the Enforce as a Detection Server, no incidents are being created, and it doesn't seem possible to view all configuration options as expected (e.g., incidents specific to "cloud" should be listed separately as an incident category).

Yet it is confirmed that content is successfully being uploaded - via the Elastica CloudSOC, for example.

Newly added DLP Cloud Detector that has been successfully registered and enrolled with Elastica CASB CloudSOC.

• In DLP 15.x, this service and its associated product is known as the Cloud Detection Service
• In DLP 14.6 versions, the server which connects to the CASB CloudSOC was previously called the Cloud Service Connector

In the Enforce Server there are certain Role-Based Access Controls (RBAC) for managing the configuration of a Cloud Detection Server (CDS).

There are also new controls required for viewing cloud incidents.
Also, Cloud Detectors have additional configuration options to ensure that existing Policy Groups are assigned to Cloud Detectors for inspection of content that is being pushed to the Elastica CASB.

For DLP 15.0 and higher versions

Logging in as Administrator, go to Login Management > Roles

1. For each role required to view incidents from cloud services, be sure the following are selected in the General tab:
   • For Cloud Service for Email, the User Role needs to have permissions to view Network Incidents
   • For Cloud Detection Service, the User Role needs to have permissions to view Application Incidents
2. For each role required to manage the assignment of policies to Application Detectors, be sure the following are selected in the Policy Management tab:
   • Under Privileges, select Application Detection Control

In addition, adding an "App Detection" configuration is required for Cloud Detection Servers to receive policies:

• Under Manage > Application Detection, privileged users can select specific Policy Groups in order for them to actually be synced with the CDS.