Changes to the single sign-on (SSO) feature in SEDR 4.4.

book

Article ID: 191670

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

As of Symantec EDR 4.4, changes to the SSO feature require that you to perform actions after migration to continue to use this feature.

Resolution

Identity provider (IdP)

Actions

Norton Secure Login (NSL)

NSL is no longer supported.
Upon migration, the SSO link on the EDR appliance console logon page and related settings on the Settings > Data Sharing page no longer appear.
To continue using SSO, configure a new identity provider (IdP) (for example, Okta).

IdP other than NSL

If you use an IDP other than NSL for SSO, update your configuration as follows:

  1. In the EDR appliance console on the left navigation pane, click Settings > Data Sharing.
  2. In the Single Sign-On section, click the three vertical dots to reveal edit icons for each of the SSO configuration panels.
  3. Click URLs for Identity Provider.
  4. Copy and paste the Symantec EDR URLs to the appropriate fields in your IdP administration console.
  5. Download the Symantec EDR sso.cert and upload it to your IdP.
  6. Verify that the fields in the other panels are still the proper parameters for your IdP.