How to onboard Protection Engine customers to the central cloud console.

book

Article ID: 197663

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

After installing SPE 8.0, attempting the Onboarding procedure for the centralized console produces the following error:

Sorry, we are unable to process your request at this time. If the problem persists, please contact support.


Cause

Provisioning failed during the onboarding procedure.

Resolution

 

  1. Please open a support case.
  2. In the support case, reference this KB,
  3. Attach the .slf license file used during the onboarding attempt
  4. Fill out the following template, and add it to the case

    First name:
    Last name:
    Email:
    Company:
    Country:
    Address 1:
    Address 2:
    City:
    State:
    Zip:
    Phone:
    Industry:
    Site ID/support ID:
    Serial Number:



    The information provided will be used to create the initial user account, which will be a super administrator for the organization. That user account will be able to create additional user accounts.


Additional Information

Post-onboarding FAQ

Q1. Once I have my account, how do I enroll scanners? 
A1. https://help.symantec.com/cs/spe_8_2/SPE/v127861589_v134541521/Enrolling-the-scanners-with-the-centralized-console?locale=EN_US

Q2. How do I change passwords?
A2. Each user should be able to change their own password on (username)>My Account.

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/symantec-protection-engine/8-1/Centralized_Console_4/manage-user-accounts-v127941674-d4995e35491.html

Q3. How do I view my scanners to prove definition version?
A3. Navigate within a SPE domain to Assets > Scanners

Q4. How do I export the list of SPE scanners? 
A4. In browser, right click, click "Save As...". In Excel, create a new blank spreadsheet, then on Data tab, click "Get External Data", click From Web, then specify file://(paste full path and filename, including extension). This is a little clunky, but it works.

Q5. Is there no Export to .csv function on the scanners page?
A5. Seems like a separate case for an enhancement request.

Q6. How do I export event data from the centralized console to splunk?
A6. https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/symantec-protection-engine/8-1/Logs,_Alerts,_and_Reports_9/importing-symantec-protection-engine-events-into-s-v128206670-d4995e35591.html

Q7. How do I export event data from the centralized console to QRadar?
A7. Currently, the API permits support to assist with configuring to permit login and query for events. A similar product, Symantec Endpoint Detection and Response, has an add-in console that installs into QRadar, accepts API credentials from SEDR, then queries for event data from SEDR. Currently, I am not aware of a SPE add-in for QRadar.You would need to craft your own python script to perform these queries. To request BROADCOM to craft a SPE App for QRadar would be an enhancement request.

 

Attachments