search cancel

Expired CloudSOC tenant - What to expected when the entitlement is expired?

book

Article ID: 172096

calendar_today

Updated On:

Products

CASB Audit CASB Gateway Advanced

Issue/Introduction

Environment expired [details of expired situation]

What is the data retention period after expiration?

What is the deactivation time line?

 

 

Cause

Components Functionality:

On the day after a tenant's expiration date has been reached, all entitlements are revoked. This means:

  • Any Audit, Securlet and/or Gateway access is revoked. No data is deleted at this time
  • No active data processing going on (All component).
  • New Audit logs uploaded will be ignored
  • No API calls will be made to any SaaS apps,
  • Gateway will not honor forwarded traffic, etc.
  • Only System Administrators can login to the Cloudsoc Console, to access general platform configurations or download archives. 
  • Users and Admins will not have access to the CloudSOC portal. 

 

Data Retention:

On the 7th day following the expiration, all Investigate, Securlet and Detect data is archived into downloadable files. These archives will be available for system admin accounts to download from CloudSOC for 30 days after the expiration date. Audit data is deleted.

On the day following the 30th day after expiration, the entire tenant is deleted, all archives are wiped. 

 

Note for PoC Tenants:

On the 15th day after expiration, the tenant is deleted unless the 'Delete Exemption' flag is set. 

 

Environment

  • CloudSOC Elastica Tenant

Resolution

Contact CASB Support Team, for the requested restoration of the expired Tenant will require CloudSOC Development Team interaction on the back-end to pull the archived data into the restored Tenant.