For clarification, all customers of the DLP Cloud Service need to login to the CMP in order to gain access to the Cloud Service: https://cmp.protect.broadcom.com/

Below are the steps you will need to follow in order to get your Cloud Service "provisioned" - and to receive your enrollment bundle:

1. Purchase the Cloud Service.
2. Confirm receipt of a "Welcome email" directing you to login to the Cloud Management Portal.
   • Note that this email sometimes ends up in a SPAM folder. This first email should be sent from "[email protected]".
   • Login to the Cloud Management Portal.
   • FYI: The CMP account as setup uses the same SSO method to sign in as the account you would use to access your Support cases on the Broadcom portal (e.g., you need an account in Okta).
   • Once successfully logged in to the CMP, your account will appear as "Enabled" to the Technical Support teams. Otherwise it shows up as "New" and we will advise you to complete this step.
3. Next you need to verify the setup of the Cloud Detection Service needed.
   The details submitted will vary somewhat with each type of Cloud Detector:
   • For ALL Detector types: The email address of a DLP "Admin". The Cloud Operations team may use this info to contact you and your team directly, as in the event of an issue with your Cloud Service. Thus, this should be not be an individual email address - we suggest you use a Distribution List.
   • For ALL Detector types: The region where you need your Detector to be "housed" - either EMEA or US. At this time, APJ customers should choose the US region.
   • For Cloud Service for Email entitlements, you need to verify your email setup or mailflow - designating the MTA you will be using with the Cloud Service. It needs to be one of the following supported configurations:
     • Forwarding mode - the "next hop" after DLP is Email Security.cloud - aka "MessageLabs". Note: Customers need to provide their Email Security.cloud user name as part of this configuration. This is also known as the "Clientnet" ID [Detector MIN CREF], and is always 3 letters followed by 4 numerals, e.g., ABC1234:
       • G-Suite/Google for Work gmail => DLP Cloud Service for Email => Email Security.cloud
       • O365 => DLP Cloud Service for Email => Email Security.cloud
     • "Hybrid" mode - actually also a "Forwarding mode" option: a Hybrid mode Detector will accept messages from your on-prem Exchange or from your O365 tenant:
       • Exchange / O365 => DLP Cloud Service for Email => Email Security.cloud
     • Reflecting mode - only available for customers of O365/M365: no Email Security.cloud integration is needed, instead, messages go back to O365 for final transport and delivery:
       
       • O365 => DLP Cloud Service for Email => O365
         
     • NOTE: there are no other supported configurations for the Cloud Service for Email at this time. 
4. Until you actually submit its configuration, the status of your entitlements will have a wrench icon:
   
   • When you've successfully submitted your configuration its status will change to this icon:
     
     At this point, your new Cloud Detector should be provisioned within 1-2 business days.

When provisioning is complete, the Cloud Operations team will send a second Welcome Email to the DLP Admin as submitted above - including the Enrollment Bundle and configuration details.

The bundle email will be sent from "[email protected]".

*Until the configuration has been submitted as above, no provisioning will have occurred, and no bundle can be issued.*