Error in CASB "DLP should be enabled when activating DLP appliance."
search cancel

Error in CASB "DLP should be enabled when activating DLP appliance."


Article ID: 172165


Updated On:


Data Loss Prevention Cloud Detection Service CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced Data Loss Prevention Cloud Package


When trying to register a new DLP Cloud Detection Server as an External Appliance in the CASB server, the error appears despite having a non-expired, unique token for the purpose.

"DLP should be enabled when activating DLP appliance."


  • DLP Cloud Detection Server is successfully registered and is showing as "connected" in Enforce console
  • The CDS has never been previously registered with a CloudSOC (aka CASB) console OR the token for the CloudSOC has been reset after a previous appliance removal


It's hard to notice sometimes, but there is a button to "enable" the appliance, prior to registration and activation.


Use the option to Enable the appliance, then use the drop-down menu under "Actions" to Connect and Activate the appliance.

Additional Information

  • Here is the TechDoc that goes over Provisioning the Symantec DLP Cloud Detection Service in Cloudsoc
  • There are a few token-specific errors which indicate an expired token, use of an incorrect token, or an incomplete profile on the DLP Cloud Detector (which also prevents registration in CASB for a new DLP Detector).
  • Here is a landing page for other errors which can occur when attempting to register a DLP Detector with CASB:

You receive an error using a token to connect your DLP Cloud Detector to CASB (