SEP for CWP installs in self-manage mode

book

Article ID: 208493

calendar_today

Updated On:

Products

Cloud Workload Protection

Issue/Introduction

SEP for CWP installs in self-managed mode on agent.

 

Cause

This can happen when the server cannot reach out to the API gateway.

https://usea1.r3.securitycloud.symantec.com:443
(Symantec cloud API gateway for the agents to upload its events to the Symantec cloud server.)

Environment

SEP 14.3 RU1 (14.3.3384.1000)

CWP agent 6.8.1.207

Resolution

1. Check the firewalls rules to ensure enrollment is not being blocked.
Review firewall rules:
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/cloud-workload-protection/1-0/Getting_Started_1/firewall-requirements-in-v121465361-d187e8066.html 

2. Delete the CAFStorage.ini file  (C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\Common Agent Framework\CAFStorage.ini)

3. Restart the CAF service to trigger the CAF agent enrollment.

4. Check to see if the CAFStorage.ini file was recreated in the directory.

5. Check the CWP portal if the agent status is reporting as 'installed'.