Symantec™ Cloud Workload Protection is taking too much time to complete some tasks

book

Article ID: 171387

calendar_today

Updated On:

Products

Cloud Workload Protection

Issue/Introduction

New SSL certificates are being deployed on the Symantec single point of contact (SPOC) server, due to which the connectivity between the server and the CWP agents/CWP for Storage - S3 scanners is impacted. This will cause a delay of around 10 minutes in performing various operations from the CWP portal.

The existing protection for your instances and S3 buckets will remain unaffected. The instances and S3 buckets will also continue to send events to the server without any delay.

The impacted operations are:

CWP  CWP for Storage - S3
Applying and revoking policy groups Synchronizing the S3 buckets with the enrolled scanners
Running software service discovery Getting scanner status
Running and scheduling Anti-Malware scans Unenrolling scanners
Collecting agent logs  
Unenrolling an agent  

This issue impacts all existing and new CWP deployments starting April 04, 2018. New versions of the agents will be released later this month.

Resolution

For CWP:

  1. Download and extract the attached cert.zip file.
    The extracted folder contains two files - digicert_spocpool.crt and digicert_spocpool.der.

  2. On Linux instances:

    1. Copy the digicert_spocpool.crt file to the /opt/Symantec/cafagent/bin/certs directory.

    2. Open a terminal window and type the following commands to set correct file permissions:
      chmod 750 /opt/Symantec/cafagent/bin/certs/digicert_spocpool.crt
      chown dcscaf:dcscaf  /opt/Symantec/cafagent/bin/certs/digicert_spocpool.crt

    3. Type the following command to restart cafagent:
      /etc/init.d/cafagent restart

  3. On Windows instances:

    1. Copy the digicert_spocpool.der file to the C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\Common Agent Framework\certs folder.

    2. Restart cafagent in service control manager or type the following command in command prompt:
      net stop CAF && net start CAF  

​​For CWP for Storage - S3:

  1. Download and extract the attached cert.zip file.
    The extracted folder contains two files - digicert_spocpool.crt and digicert_spocpool.der.

  2. On the scanner instances:

    1. Copy the digicert_spocpool.crt file to /opt/Symantec/cafagent/bin/certs directory.

    2. Open a terminal window and type the following commands to set correct file permissions:
      chmod 750 /opt/Symantec/cafagent/bin/certs/digicert_spocpool.crt
      chown dcscaf:dcscaf  /opt/Symantec/cafagent/bin/certs/digicert_spocpool.crt

    3. Type the following comand to restart cafagent:
      /etc/init.d/cafagent restart

Attachments

cert.zip get_app